VWE-2009-0034 Printable Version

https://www.vaultwiki.org/pages/Book/Documentation/VWE-2009-0034
This page is a chapter in Info Known Vulnerabilities

This page has been seen 322,757 times.

- Created by
  pegasus
  on April 15, 2015
  
  Last updated by
  pegasus
  on February 16, 2017

Common Name Section Injection Vulnerability
VWE-ID VWE-2009-0034
Related Report None
Severity HIGH
Exploit Difficulty EASY
Platform Affects all platforms supported by the vulnerable versions.
Description HTML/Javascript injection.

Discovered June 2008
Resolved January 31, 2009
Patches Available 2.2.0
Workaround Update permissions so that untrusted users cannot edit any wiki pages.
The versions listed below are known to be affected by this issue. If you are using one of those versions, you should update to a newer release that has no known vulnerabilities.

Common Name	Section Injection Vulnerability
VWE-ID	VWE-2009-0034
Related Report	None
Severity	HIGH
Exploit Difficulty	EASY
Platform	Affects all platforms supported by the vulnerable versions.
Description	HTML/Javascript injection.
Discovered	June 2008
Resolved	January 31, 2009
Patches Available	2.2.0
Workaround	Update permissions so that untrusted users cannot edit any wiki pages.