<quote> /*==========================================*/ //tikiwiki version 1.9.5 (CVS) -Sirius- (PoC) // Product: Tikiwiki // URL: http://tikiwiki.org/ // RISK: critical /*==========================================*/ there's a critical security bug in tikiwiki version 1.9.5 (CVS) -Sirius- a anonymous user , can dump the mysql user & passwd just by creating a mysql error with the "sort_mode" var , with those following links : </quote> <quote> there's also a xss here : /tiki-featured_link.php?type=f&url=" ></iframe><scr</script>ipt>alert('XSS')</scri</script>pt> <!-- </quote>
http://dev.tikiwiki.org/tiki-view_tracker_item.php?itemId=927&trackerId=5 - fixed for 1.9 CVS - xss vulnerability fixed merge into 1.10 on the way
1.9.6 in CVS, needs ppc lovin'
ppc stable, this one's ready for GLSA decision.
security please vote
Hm, I would not want my users know my database credentials. I know some bigger organizations that use Tikiwiki for their Intranets, so I guess I'll say "yes" here.
Voting YES. Let's have GLSA on this one.
GLSA 200611-11
