Dokuwiki@2012-01-25 Security Vulnerabilities and Issues — Dokuwiki@2012-01-25 CVE List

Lucene search

Andreas GohrDokuwiki2012-01-25

3 matches found

CVE•added 2012/08/27 9:55 p.m.•146 views

CVE-2012-2129

Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to inject arbitrary web script or HTML via the target parameter in an edit action.

4.3CVSS5.5AI score0.0083EPSS

CVE•added 2012/08/27 9:55 p.m.•67 views

CVE-2012-2128

Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is resultant from CVE-2012-2129...

6.8CVSS6.6AI score0.0083EPSS

CVE•added 2012/07/13 9:55 p.m.•40 views

CVE-2012-0283

Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki before 2012-01-25b allows remote attackers to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php.

4.3CVSS5.5AI score0.00516EPSS