CVE-2011-4551

Published: Oct 1, 2012Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary parameters.

Affected (24)

Products: Tiki: Tikiwiki Cms/groupware

Tiki

1 product

Tikiwiki Cms/groupware

Configuration A

23 vulnerable

Vulnerable Software	Affected Versions
Tiki Tikiwiki Cms/groupware	Up to 8.1
Tiki Tikiwiki Cms/groupware	Version 2.2
Tiki Tikiwiki Cms/groupware	Version 3.0
Tiki Tikiwiki Cms/groupware	Version 3.1
Tiki Tikiwiki Cms/groupware	Version 3.2
Tiki Tikiwiki Cms/groupware	Version 3.3
Tiki Tikiwiki Cms/groupware	Version 3.4
Tiki Tikiwiki Cms/groupware	Version 3.5
Tiki Tikiwiki Cms/groupware	Version 4.0
Tiki Tikiwiki Cms/groupware	Version 4.1
Tiki Tikiwiki Cms/groupware	Version 4.2
Tiki Tikiwiki Cms/groupware	Version 4
Tiki Tikiwiki Cms/groupware	Version 5.0
Tiki Tikiwiki Cms/groupware	Version 5.1
Tiki Tikiwiki Cms/groupware	Version 5.2
Tiki Tikiwiki Cms/groupware	Version 5.3
Tiki Tikiwiki Cms/groupware	Version 6.0
Tiki Tikiwiki Cms/groupware	Version 6.1
Tiki Tikiwiki Cms/groupware	Version 6.2
Tiki Tikiwiki Cms/groupware	Version 7.0
Tiki Tikiwiki Cms/groupware	Version 7.1
Tiki Tikiwiki Cms/groupware	Version 7.2
Tiki Tikiwiki Cms/groupware	Version 8.0