Test ID:	1.3.6.1.4.1.25623.1.0.100048
Category:	Web application abuses
Title:	Tiki Wiki CMS Groupware 'tiki-orphan_pages.php' XSS Vulnerability
Summary:	Tiki Wiki CMS Groupware is prone to a cross-site scripting vulnerability.;; This VT has been deprecated as a duplicate of the VT 'Tiki Wiki CMS Groupware < 2.4 Multiple XSS; Vulnerabilities' (OID: 1.3.6.1.4.1.25623.1.0.800266).
Description:	Summary: Tiki Wiki CMS Groupware is prone to a cross-site scripting vulnerability. This VT has been deprecated as a duplicate of the VT 'Tiki Wiki CMS Groupware < 2.4 Multiple XSS Vulnerabilities' (OID: 1.3.6.1.4.1.25623.1.0.800266). Vulnerability Impact: An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials. Affected Software/OS: Tiki Wiki CMS Groupware 2.2 through 3.0 beta1 are vulnerable. Solution: Upgrade to latest version. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1204 BugTraq ID: 34105 http://www.securityfocus.com/bid/34105 BugTraq ID: 34106 http://www.securityfocus.com/bid/34106 BugTraq ID: 34107 http://www.securityfocus.com/bid/34107 BugTraq ID: 34108 http://www.securityfocus.com/bid/34108 Bugtraq: 20090312 TikiWiki 2.2 XSS Vulnerability in URI (Google Search) http://www.securityfocus.com/archive/1/501702/100/0/threaded http://secunia.com/advisories/34273
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.