Search This Blog

XWiki Web Application vulnerable to Cross Site Scripting

The hacker Sony discovered Cross site scripting Vulnerability in XWiki. XWiki is a free wiki software platform written in Java with a design emphasis on extensibility. XWiki Enterprise, the enterprise wiki edition, includes WYSIWYG editing, OpenOffice based document import/export, semantic annotations and tagging, and advanced permissions management

The comment box and profile page vulnerable to XSS.


It seems that he is targeting Wiki based web applications.  In past two weeks itself, he found xss Vulnerabilities in lot of websites . He found XSS vulnerabilities in Twiki, FosWiki


Share it:


Web Application Vulnerability

XSS Vulnerability