4 matches found
DokuWiki <= 2025-05-14a Librarian - Reflected Cross-Site Scripting
DokuWiki 2025-05-14a 'Librarian' contains a stored XSS caused by improper sanitization of the 'q' parameter, letting remote attackers execute arbitrary scripts, exploit requires no special privileges. id: CVE-2025-61224 info: name: DokuWiki = 2025-05-14a Librarian - Reflected Cross-Site Scripting...
CVE-2025-61224
creationtimestamp| type| source ---|---|--- 2026-06-16 04:05:56+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-61224.yaml...
Linux Distros Unpatched Vulnerability : CVE-2025-61224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'56.1 allows a remote attacker to execute arbitrary code via the q parameter CVE-2025-61224...
CVE-2025-61224
Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'56.1 allows a remote attacker to execute arbitrary code via the q parameter...