Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo: GLSA 200704-08 Low Severity: DokuWiki Cross-Site Scripting

gentoo
Calendar Grey April 12, 2007
Dist Gentoo Esm H88
The Gentoo GLSA 200704-09 outlines vulnerabilities within DokuWiki that can lead to XSS attacks. Enhance your security by applying the recommended updates!
DokuWiki is vulnerable to a cross-site scripting attack.

Summary

Gentoo Linux Security Advisory GLSA 200704-08 https://security.gentoo.org/ Severity: Low Title: DokuWiki: Cross-site scripting vulnerability Date: April 12, 2007 Bugs: #163781 ID: 200704-08

Synopsis ======= DokuWiki is vulnerable to a cross-site scripting attack.
Background ========= DokuWiki is a simple to use wiki aimed at creating documentation.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-apps/dokuwiki < 20061106 >= 20061106
========== DokuWiki does not sanitize user input to the GET variable 'media' in the fetch.php file.
Impact ===== An attacker could entice a user to click a specially crafted link and inject CRLF characters into the variable. Thi...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo cross-site scripting attack low severity user input DokuWiki

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory gentoo cross-site scripting attack low severity user input DokuWiki

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here