The Tiki Community has released updates to all current versions of Tiki Wiki CMS Groupware. These updates address a cross-site scripting vulnerability in Tiki (CVE-2016-9889). The updates also include many other fixes and improvements.
Special thanks to 0xExploit for the cooperation and assistance in reporting the security issue.
We highly encourage all Tiki administrators to upgrade their sites to the latest Tiki versions: Tiki 16.1, Tiki 15.3 LTS, and Tiki 12.10 LTS.
Visit https://tiki.org/Download to get the latest version.