====================================================================

                                CERT-Renater

                    Note d'Information No. 2016/VULN427
_____________________________________________________________________

DATE                : 26/12/2016

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Tiki versions prior to 16.1, 15.3,
                                     12.10.

=====================================================================
https://tiki.org/article443-Security-update-Tiki-16-1-Tiki-15-3-and-Tiki-12-10-released
____________________________________________________________________

Security update: Tiki 16.1, Tiki 15.3 and Tiki 12.10 released!
Author: Security Team - Thu 22 Dec 2016 12:45 CET

Releases and Patches

The Tiki Community has released updates to all current versions of Tiki
Wiki CMS Groupware. These updates address a cross-site scripting
vulnerability in Tiki (CVE-2016-9889). The updates also include many
other fixes and improvements.

Special thanks to 0xExploit for the cooperation and assistance in
reporting the security issue.

We highly encourage all Tiki administrators to upgrade their sites to
the latest Tiki versions: Tiki 16.1, Tiki 15.3 LTS, and Tiki 12.10 LTS.

Visit https://tiki.org/Download to get the latest version.

==========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================