---+ Security Alert: SlideShowPlugin prior to version 2.1.4 has a cross site scripting vulnerability. 

Extensions.SlideShowPlugin should be updated to version 2.1.4 or later to close a cross site scripting vulnerability. 

All Foswiki versions prior to 1.1.4 are affected but the plugin can be updated in minutes from configure or manually by downloading and replacing the plugin from Extensions.SlideShowPlugin.

---++ Severity Level

3

The severity level was assigned by the Foswiki Community.SecurityTaskTeam as documented in Development.SecurityAlertProcess

---++ Vulnerable Software Versions



---++ MITRE Name for this Vulnerability

The Common Vulnerabilities and Exposures project has assigned the name CVE- to this vulnerability, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-