wikiplugin_includetpl in lib/wiki-plugins/wikiplugin_includetpl.php in Tiki before 28.3 mishandles input to an eval. The fixed versions are 21.12, 24.8, 27.2, and 28.3.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Tiki |
|
No data.
No data.
References
History
Wed, 09 Apr 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 09 Apr 2025 01:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | wikiplugin_includetpl in lib/wiki-plugins/wikiplugin_includetpl.php in Tiki before 28.3 mishandles input to an eval. The fixed versions are 21.12, 24.8, 27.2, and 28.3. | |
| Weaknesses | CWE-1336 | |
| References |
|
|
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2025-04-09T00:00:00.000Z
Updated: 2025-04-09T19:25:12.578Z
Reserved: 2025-04-09T00:00:00.000Z
Link: CVE-2025-32461
Vulnrichment
Updated: 2025-04-09T19:25:07.876Z
NVD
Status : Awaiting Analysis
Published: 2025-04-09T02:15:16.253
Modified: 2025-04-09T20:02:41.860
Link: CVE-2025-32461
Redhat
No data.