Package: tikiwiki Severity: important Tags: security Could you please investigate if CVE-2006-6457 has been fixed in the Debian package? Thanks.
In addition, tiki-wiki_rss.php may suffer from an XSS vulnerability (the affected site claims to run the 1.0 CVS version, though): http://tikiwiki/tiki-wiki_rss.php?ver=555555555%3Cb%3E22362623 (This is a different vulnerability.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
