CVE-2012-2128 in DokuWiki정보

요약 (영어)

** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is resultant from CVE-2012-2129: "the exploit code simply uses the XSS hole to extract a valid CSRF token."

예약하다

2012. 04. 04.

공개

2012. 08. 27.

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디	취약성	CWE	악용	대책	CVE
5297	DokuWiki User Addition 교차 사이트 요청 위조	352	개념 증명	공식 수정	CVE-2012-2128

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

◂ 이전개요다음 ▸

Want to know what is going to be exploited?

We predict KEV entries!