Lucene search

K
cvelistMitreCVELIST:CVE-2014-9253
HistoryDec 17, 2014 - 6:00 p.m.

CVE-2014-9253

2014-12-1718:00:00
mitre
www.cve.org
7

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

61.8%

The default file type whitelist configuration in conf/mime.conf in the Media Manager in DokuWiki before 2014-09-29b allows remote attackers to execute arbitrary web script or HTML by uploading an SWF file, then accessing it via the media parameter to lib/exe/fetch.php.

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

61.8%