CVE-2018-7302

Publication date

2018-02-21 20:00:00

Family

mitre

State

PUBLISHED

Description

Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS.