CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

NVD•added 2024/08/16 6:15 p.m.•15 views

CVE-2024-42758

A Cross-site Scripting XSS vulnerability exists in version v2024-01-05 of the indexmenu plugin when is used and enabled in Dokuwiki Open Source Wiki Engine. A malicious attacker can input XSS payloads for example when creating or editing existing page, to trigger the XSS on Dokuwiki, which is the...

5.4CVSS0.01883EPSS

Exploits0References4

OSV•added 2024/08/16 6:15 p.m.•1 views

CVE-2024-42758

5.4CVSS5.8AI score0.01883EPSS

Exploits0References4

Positive Technologies•added 2024/08/16 12:0 a.m.•1 views

PT-2024-30128 · Dokuwiki · Indexmenu Plugin

Name of the Vulnerable Software and Affected Versions: indexmenu plugin version v2024-01-05 Description: A Cross-site Scripting XSS issue exists in the indexmenu plugin for Dokuwiki. This allows a malicious attacker to input XSS payloads, for example, when creating or editing a page. The XSS is...

5.4CVSS5.5AI score0.01883EPSS

Exploits0References8

CVE•added 2024/08/16 12:0 a.m.•41 views

CVE-2024-42758

CVE-2024-42758 concerns the indexmenu plugin for Dokuwiki (v2024-01-05). The vulnerability is a stored XSS: an attacker can inject scripts via page creation/editing, with the payload ultimately stored in a .txt file due to Dokuwiki’s design, posing a stored XSS risk when pages are viewed. Affecte...

5.4CVSS5.2AI score0.01883EPSS

Exploits0References4

CNNVD•added 2024/08/16 12:0 a.m.•1 views

DokuWiki 安全漏洞

DokuWiki is an easy-to-use and versatile open source Wiki software from DokuWiki Open Source. A security vulnerability exists in DokuWiki version v2024-01-05, which originates from a stored cross-site scripting attack that can be triggered by an attacker entering a cross-site scripting load when...

5.4CVSS5.7AI score0.01883EPSS

Exploits0References5