CVE-2010-0289

Name of the Vulnerable Software and Affected Versions DokuWiki versions prior to 2009-12-25c

Description The issue affects the ACL Manager plugin in DokuWiki, specifically the ajax.php file. It allows remote attackers to hijack the authentication of administrators for requests that modify access control rules and other unspecified requests via unknown vectors.

Recommendations For versions prior to 2009-12-25c, update to a version released after 2009-12-25c to resolve the issue. As a temporary workaround, consider restricting access to the ajax.php file in the ACL Manager plugin to minimize the risk of exploitation.