DokuWiki prior to 2014-05-05d and prior to 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dokuwiki dokuwiki |