Web application abuses : MoniWiki < 1.0.9 XSS Vulnerability

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.15566

Category: Web application abuses

Title: MoniWiki < 1.0.9 XSS Vulnerability - Active Check

Summary: MoniWiki is prone to a cross-site scripting (XSS); vulnerability.

Description: Summary:
MoniWiki is prone to a cross-site scripting (XSS)
vulnerability.

Vulnerability Insight:
The remote version of this software is vulnerable to XSS
attacks, through the script 'wiki.php'.

With a specially crafted URL, an attacker can cause arbitrary code execution in users' browsers
resulting in a loss of integrity.

Affected Software/OS:
MoniWiki version 1.0.8 and prior.

Solution:
Update to version 1.0.9 or later.

CVSS Score:
4.3

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-1632
BugTraq ID: 11516
http://www.securityfocus.com/bid/11516
Bugtraq: 20041025 STG Security Advisory: [SSA-20041022-08] MoniWiki XSS vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=109873622006103&w=2
http://secunia.com/advisories/12975
XForce ISS Database: moniwiki-wiki-xss(17835)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17835

Copyright Copyright (C) 2004 David Maciejak

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.15566
Category:	Web application abuses
Title:	MoniWiki < 1.0.9 XSS Vulnerability - Active Check
Summary:	MoniWiki is prone to a cross-site scripting (XSS); vulnerability.
Description:	Summary: MoniWiki is prone to a cross-site scripting (XSS) vulnerability. Vulnerability Insight: The remote version of this software is vulnerable to XSS attacks, through the script 'wiki.php'. With a specially crafted URL, an attacker can cause arbitrary code execution in users' browsers resulting in a loss of integrity. Affected Software/OS: MoniWiki version 1.0.8 and prior. Solution: Update to version 1.0.9 or later. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1632 BugTraq ID: 11516 http://www.securityfocus.com/bid/11516 Bugtraq: 20041025 STG Security Advisory: [SSA-20041022-08] MoniWiki XSS vulnerability (Google Search) http://marc.info/?l=bugtraq&m=109873622006103&w=2 http://secunia.com/advisories/12975 XForce ISS Database: moniwiki-wiki-xss(17835) https://exchange.xforce.ibmcloud.com/vulnerabilities/17835
Copyright	Copyright (C) 2004 David Maciejak