HomePentest-Tools.com Logo

DokuWiki Multiple Cross Site Request Forgery Vulnerabilities CVE-2010-0289

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Dokuwiki is prone to multiple Cross Site Scripting vulnerabilities.

Risk description

The flaws are due to error in ACL Manager plugin (plugins/acl/ajax.php) that allows users to perform certain actions via HTTP requests without performing any validity checks. Successful exploitation allows attackers to conduct cross site request forgery attacks via unknown vectors.

Recommendation

Update to version 2009-12-25c or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 15, 2010
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available