A vulnerability has been discovered in Tikiwiki, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "username" parameter in tiki-remind_password.php (when "remind" is set to "send me my password") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code (for example with meta refreshes to a javascript: URL) in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.9.7 with the BasicEnabled profile selected during installation. Other versions may also be affected.
CC'ing herd and setting whiteboard status.
*** Bug 190097 has been marked as a duplicate of this bug. ***
Tikiwiki-1.9.8 is in the tree. 1.9.6 was marked stable on ppc. Target archs: ppc
Changing whiteboard to stable and proposing C4 as severity level, also reference to CVE.
ppc stable
thanks tobias! removed insecure versions from the tree. web-apps is done here.
A GLSA is not needed here, closing.
