CVE-2018-7188

CVE: CVE-2018-7188
Published: 2018-02-16T18:29Z
Description Language: en
Description: An XSS vulnerability (via an SVG image) in Tiki before 18 allows an authenticated user to gain administrator privileges if an administrator opens a wiki page with a malicious SVG image, related to lib/filegals/filegallib.php.
References:
http://openwall.com/lists/oss-security/2018/02/16/1
https://sourceforge.net/p/tikiwiki/code/65327