Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki prior to 2012-01-25b allows remote malicious users to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
andreas gohr dokuwiki 2011-05-25c |
||
andreas gohr dokuwiki 2012-01-25 |
||
andreas gohr dokuwiki 2007-06-26 |
||
andreas gohr dokuwiki 2006-11-06 |
||
andreas gohr dokuwiki 2010-11-07a |
||
andreas gohr dokuwiki 2009-12-25c |
||
andreas gohr dokuwiki 2005-09-22 |
||
andreas gohr dokuwiki 2005-09-19 |
||
andreas gohr dokuwiki |
||
andreas gohr dokuwiki 2009-02-14b |
||
andreas gohr dokuwiki 2008-05-05 |
||
andreas gohr dokuwiki 2007-07-13 |
||
andreas gohr dokuwiki 2005-07-01 |
||
andreas gohr dokuwiki 2011-05-25a |
||
andreas gohr dokuwiki 2011-05-25 |
||
andreas gohr dokuwiki 2006-03-09 |
||
andreas gohr dokuwiki 2006-03-05 |