Known Issues of TWiki 4.3.x Production Releases
These are known issues of
TWiki-4.3.0,
TWiki-4.3.1 and
TWiki-4.3.2, code named
GeorgetownRelease.
The latest TWiki release is available at
DownloadTWiki.
Security Alerts
- Security Alert L1: Remote Perl code execution with query string to debug TWiki plugins
- Security Alert L1: Apache configuration file upload on TWiki on Windows server
- Security Alert L1: MAKETEXT variable allows arbitrary shell command execution
- Security Alert L3: XSS Vulnerability with topic create and slideshows
- Security Alert L3: XSS Vulnerability with origurl parameter of login script
- Security Alert L3: XSS Vulnerability with rev parameter & login script
- Security Audit L3: Crypt token based fix for cross-site request forgery vulnerability
- Security Alert L2: Cross-site request forgery vulnerability with image tag
Major issues
Minor issues
Major issues
Minor issues
Major issues
Minor issues
Bug reports
Please visit the bugs web to review and report bugs.
--
Contributors: PeterThoeny - 30 Mar 2009
Discussion
Found a bug? Fill in a report in the bugs web.
Need support? Ask your questions in the Support web, but only after reviewing the support guidelines :-)