CVE-2017-12979

2017-08-21T07:29:00
ID CVE-2017-12979
Type cve
Reporter cve@mitre.org
Modified 2017-08-25T16:52:00

Description

DokuWiki through 2017-02-19c has stored XSS when rendering a malicious language name in a code element, in /inc/parser/xhtml.php. An attacker can create or edit a wiki with this element to trigger JavaScript execution.