CVE-2018-7302
Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS.
Date published : 2018-02-21
https://websecnerd.blogspot.in/2018/01/tiki-wiki-cms-groupware-17.html
Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS.
Date published : 2018-02-21
https://websecnerd.blogspot.in/2018/01/tiki-wiki-cms-groupware-17.html