Security Advisory

CVE-2025-46349

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-29 17:11:10

Last updated 2025-04-29 18:01:20

Assigner GitHub_M

State PUBLISHED

Description

YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWiki is vulnerable to reflected XSS in the file upload form. This vulnerability allows any malicious unauthenticated user to create a link that can be clicked on by the victim to perform arbitrary actions. This issue has been patched in version 4.5.4.

← Browse all CVEs View on cve.org ↗