Back to search
CVE-2014-8762
Published: Oct 22, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
61983
third-party-advisory
x_refsource_SECUNIA
http://advisories.mageia.org/MGASA-2014-0438.html
x_refsource_CONFIRM
https://github.com/splitbrain/dokuwiki/issues/765
x_refsource_CONFIRM
70404
vdb-entry
x_refsource_BID
[oss-security] 20141013 CVE request: various security flaws in dokuwiki
mailing-list
x_refsource_MLIST
[oss-security] 20141016 Re: CVE request: various security flaws in dokuwiki
mailing-list
x_refsource_MLIST
DSA-3059
vendor-advisory
x_refsource_DEBIAN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now