"TikiWiki is prone to multiple vulnerabilities, including:
- An SQL-injection vulnerability
- An unspecified authentication-bypass vulnerability
- An unspecified vulnerability
Exploiting these issues could allow an attacker to compromise the
application, access or modify data, exploit latent vulnerabilities in
the underlying database, and gain unauthorized access to the affected
application. Other attacks are also possible.
Versions prior to TikiWiki 4.2 are vulnerable. "
It is recommended that TikiWiki users update to 4.2.