Cross-site scripting (XSS) vulnerability in tiki-special_chars.php in TikiWiki before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via the area_name parameter.
Related bugs and status
CVE-2007-6526 (Candidate)
is related to these bugs: