Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki before 3.20120516 allow remote attackers to inject arbitrary web script or HTML via the (1) author or (2) authorurl meta tags.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ikiwiki | Ikiwiki | <= 3.20120419 |
Related Weaknesses (CWE)
References
- http://ikiwiki.info/news/version_3.20120516/
- http://osvdb.org/81995
- http://secunia.com/advisories/49199Vendor Advisory
- http://secunia.com/advisories/49232Vendor Advisory
- http://source.ikiwiki.branchable.com/?p=source.git%3Ba=commitdiff%3Bh=fbfcea89f8
- http://www.debian.org/security/2012/dsa-2474
- http://www.securityfocus.com/bid/53599
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75702
- http://ikiwiki.info/news/version_3.20120516/
- http://osvdb.org/81995
- http://secunia.com/advisories/49199Vendor Advisory
- http://secunia.com/advisories/49232Vendor Advisory
- http://source.ikiwiki.branchable.com/?p=source.git%3Ba=commitdiff%3Bh=fbfcea89f8
- http://www.debian.org/security/2012/dsa-2474
- http://www.securityfocus.com/bid/53599
FAQ
What is CVE-2012-0220?
CVE-2012-0220 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki before 3.20120516 allow remote attackers to inject arbitrary web script or HTML via the (1) author or...
How severe is CVE-2012-0220?
CVE-2012-0220 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-0220?
Check the references section above for vendor advisories and patch information. Affected products include: Ikiwiki Ikiwiki.