CVE-2012-0220
ikiwiki - cross-site scripting
EPSS 0.47%
Description
Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki before 3.20120516 allow remote attackers to inject arbitrary web script or HTML via the (1) author or (2) authorurl meta tags.
How to fix CVE-2012-0220
To remediate CVE-2012-0220, upgrade the affected package to a fixed version below.
- Debian/ikiwiki—upgrade to 3.20120516 or later
- Debian/ikiwiki—upgrade to 3.20100815.9 or later
Is CVE-2012-0220 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 3.20120516
- from 0, < 3.20100815.9