CVE-2006-7050

Published: Feb 24, 2007Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in WikkaWiki (Wikka Wiki) before 1.1.6.2 allows remote attackers to inject arbitrary javascript via (1) events in forced links (url parameter) that are not properly handled in formatters/wakka.php, and possibly (2) other vectors in wikka.php.

Affected (1)

Products: Wikkawiki: Wikkawiki

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Wikkawiki Wikkawiki	Up to 1.1.6.1

References (14)

http://secunia.com/advisories/20628

Source: cve@mitre.org

Patch

http://wikkawiki.org/WikkaReleaseNotes

Source: cve@mitre.org

http://wush.net/trac/wikka/changeset/47

Source: cve@mitre.org

http://wush.net/trac/wikka/ticket/142

Source: cve@mitre.org

http://www.securityfocus.com/bid/18481

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2381

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/27227

Source: cve@mitre.org

http://secunia.com/advisories/20628

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://wikkawiki.org/WikkaReleaseNotes

Source: af854a3a-2127-422b-91ae-364da2661108

http://wush.net/trac/wikka/changeset/47

Source: af854a3a-2127-422b-91ae-364da2661108

http://wush.net/trac/wikka/ticket/142

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/18481

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/2381

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/27227

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.