CVE-2015-2172

EPSS 1.8%

發布日:2015/3/30修改日:2026/5/27

也稱為:DEBIAN-CVE-2015-2172

描述

DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API.

受影響套件(1)

Debian/dokuwikifrom 0, < 0.0.20140929.d-1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-2172