CVE-2024-47918
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Published Dec 30, 2024
CWE ID 78
Summary
CVE-2024-47918 is a vulnerability affecting Tiki Wiki CMS, identified as CWE-80. This issue involves improper neutralization of script-related HTML tags in a web page, resulting in a Basic Cross-Site Scripting (XSS) attack. An attacker can inject malicious scripts into a Tiki Wiki webpage, potentially stealing user data or gaining unauthorized access. Users are advised to update their Tiki Wiki installations to the latest version to mitigate this risk. Failure to do so may lead to data theft or unintended system modifications.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.