PT-2012-3825 · Dokuwiki · Dokuwiki
Khashayar Fereidani
·
Published
2012-08-27
·
Updated
2024-08-06
·
CVE-2012-2129
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
DokuWiki version 2012-01-25 Angua
Description
A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML via the
target parameter in an edit action.Recommendations
For DokuWiki version 2012-01-25 Angua, consider disabling the edit action or restricting access to the
target parameter until a patch is available.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dokuwiki