via bugtraq:

Bug Description:
TikiWiki version 2.2 and later uses the URI in the HTML response body and fails to sanitize it. It is therefore prone to an active XSS attack.

PROOF OF CONCEPT:
/tiki-galleries.php/>"><Script>alert(1)</scRipt>
/tiki-list_file_gallery.php/>"><Script>alert(2)</scRipt>
/tiki-listpages.php/>"><Script>alert(3)</scRipt>
/tiki-orphan_pages.php/>"><Script>alert(4)</scRipt>

The JavaScript code will be executed in the context of the victim's browser; this can be exploited to steal cookies and escalate privileges to administrator.
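The bug class behind the advisory above is a page that echoes the request path back into its own HTML (typically into a form action or a self-link) without HTML-escaping it, so a path containing `">` closes the attribute and the tag and anything after it is parsed as markup. The following is an added illustration, not TikiWiki's code and not from the advisory: a tiny rendering function in the vulnerable style next to a hardened one, run over the four PoC paths posted above. It assumes the application echoes the already URL-decoded path (the variable name `request_path` and the form markup are hypothetical).

```python
import html

# The four PoC paths quoted in the advisory, constructed here as test input.
POC_PATHS = [
    '/tiki-galleries.php/>"><Script>alert(1)</scRipt>',
    '/tiki-list_file_gallery.php/>"><Script>alert(2)</scRipt>',
    '/tiki-listpages.php/>"><Script>alert(3)</scRipt>',
    '/tiki-orphan_pages.php/>"><Script>alert(4)</scRipt>',
]

# A benign path, to show the hardened version still renders normal requests.
NORMAL_PATH = "/tiki-listpages.php"


def render_unsafe(request_path: str) -> str:
    """Vulnerable style: the (assumed already URL-decoded) request path is
    dropped straight into an attribute value. A path containing `">` closes
    the attribute and the <form> tag, and the rest becomes live markup."""
    return (
        f'<form method="post" action="{request_path}">'
        '<input type="submit" value="Go"></form>'
    )


def render_safe(request_path: str) -> str:
    """Hardened style: HTML-escape the value before placing it in a quoted
    attribute. quote=True turns `"` into &quot;, so the attribute cannot be
    terminated early, and `<`/`>` become &lt;/&gt;, so no tag is created."""
    escaped = html.escape(request_path, quote=True)
    return (
        f'<form method="post" action="{escaped}">'
        '<input type="submit" value="Go"></form>'
    )


def injects_script(page: str) -> bool:
    """Crude check for a script tag that the browser would actually parse.
    Compared case-insensitively because the PoC mixes case (<Script>, </scRipt>)
    precisely to slip past naive lowercase-only filters."""
    return "<script" in page.lower()


if __name__ == "__main__":
    for path in POC_PATHS:
        print("unsafe :", render_unsafe(path))
        print("safe   :", render_safe(path))
        print("injects:", injects_script(render_unsafe(path)),
              "->", injects_script(render_safe(path)))
        print()
```

The check is deliberately simple: escaping is the fix, not a blocklist. A filter that strips lowercase `<script>` is exactly what the mixed-case PoC is written to bypass, whereas `html.escape` neutralizes every metacharacter regardless of case. Note also that whether the raw or decoded path reaches the template depends on which server variable the page echoes; the example assumes the decoded form, which is the one that carries literal `<` and `"`.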
tikiwiki 2.3 is out with a fix
+*tikiwiki-2.4 (11 Jun 2009) + + 11 Jun 2009; Alex Legler <a3li@gentoo.org> +tikiwiki-2.4.ebuild: + Non-maintainer commit: Version bump for security bugs 262280 and 264570. +
XSS in webapps -> noglsa, closing.