A flaw, similar to to CVE-2016-9646, exists in ikiwiki prior to 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an malicious user to bypass authentication via repeated parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ikiwiki ikiwiki |
||
debian debian linux 7.0 |
||
debian debian linux 8.0 |