Published:2006/04/17 Last Updated:2008/05/21

JVN#35274905

FreeStyleWiki cross-site scripting vulnerability

Overview

FreeStyleWiki, a Wiki clone program implemented in Perl, contains a cross-site scripting vulnerability.

Products Affected

FreeStyleWiki 3.5.10 and earlier

Description

Impact

An rbitrary script may be executed on the user's web browser. In addition, if session information from a cookie is leaked, an attacker could possibly conduct session hijacking.

Solution

Vendor Status

Vendor	Status	Last Update	Vendor Notes
FreeStyle Wiki Project	Vulnerable	2006/04/18

References

JPCERT/CC Addendum

Credit

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia	JVNDB-2006-000612

JVN#35274905 FreeStyleWiki cross-site scripting vulnerability