CVEs-PoC/2018/CVE-2018-7302.md at 1d6c9cc2d32011b4067709e82e65c19a7c3a8db8 - CVEs-PoC - MS-GitHub-Backup (Gitea)

CalvinBackup/CVEs-PoC

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-12 17:32:18 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

587 B

Raw Blame History

CVE-2018-7302

Description

Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS.

POC

Reference

https://websecnerd.blogspot.in/2018/01/tiki-wiki-cms-groupware-17.html

Github

No PoCs found on GitHub currently.