Published:2005/08/29 Last Updated:2008/05/21
JVN#42435855
FreeStyleWiki command injection vulnerability
Overview
A cross-site scripting vulnerability exists in FreeStyleWiki's web management interface.
Products Affected
- FreeStyleWiki 3.5.8 and earlier
Description
Impact
A user having FreeStyleWiki administrative privileges but with no web server administrative privileges could execute arbitrary code with privileges to execute CGI on the web server.
Solution
References
JPCERT/CC Addendum
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | |
| JVN iPedia |
JVNDB-2005-000788 |