Browse all 6 CVE security advisories affecting Tiki Wiki. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Tiki Wiki is a web-based collaborative platform used for content management, groupware, and building websites. Historically, it has been susceptible to multiple security vulnerabilities including remote code execution, cross-site scripting, and privilege escalation. The software has accumulated six CVEs to date, with issues often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the consistent presence of vulnerabilities in older versions highlights the importance of timely updates and secure configuration for organizations relying on this platform for collaborative content management and website development.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-47920 | Tiki Wiki CMS – CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') — CMSCWE-79 | 7.5 | High | 2024-12-30 |
| CVE-2024-47919 | Tiki Wiki CMS – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') — CMSCWE-78 | 9.8 | Critical | 2024-12-30 |
| CVE-2024-47918 | Tiki Wiki CMS – CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) — CMSCWE-78 | 6.1 | Medium | 2024-12-30 |
| CVE-2010-4239 | Tiki Wiki CMS Groupware 输入验证错误漏洞 — CMS Groupware | 9.8 | - | 2019-10-28 |
| CVE-2010-4240 | Tiki Wiki CMS Groupware 跨站脚本漏洞 — CMS Groupware | 6.1 | - | 2019-10-28 |
| CVE-2010-4241 | Tiki Wiki CMS Groupware 跨站请求伪造漏洞 — CMS Groupware | 8.8 | - | 2019-10-28 |
This page lists every published CVE security advisory associated with Tiki Wiki. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.