Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5321

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-5321
Last Modified 09 Oct 2012 12:00:00
Published 08 Oct 2012 02:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5321

Summary

tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka "frame injection."

Vulnerable Systems

Application

  • Tikiwiki Cms%2fgroupware 8.3


References

XF - tikiwiki-tikifeaturedlink-open-redirect(73403)

SECTRACK - 1026708

BID - 52079

MISC - http://st2tea.blogspot.com/2012/02/tiki-wiki-cms-groupware-frame-injection.html

SECUNIA - 48102

OSVDB - 79409


Last Updated: 27 May 2016 11:00:54