Filtered by vendor Dokuwiki
Subscriptions
Filtered by product Dokuwiki
Subscriptions
Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-12980 | 1 Dokuwiki | 1 Dokuwiki | 2024-11-21 | N/A |
| DokuWiki through 2017-02-19c has stored XSS when rendering a malicious RSS or Atom feed, in /inc/parser/xhtml.php. An attacker can create or edit a wiki that uses RSS or Atom data from an attacker-controlled server to trigger JavaScript execution. The JavaScript can be in an author field, as demonstrated by the dc:creator element. | ||||
| CVE-2017-12979 | 1 Dokuwiki | 1 Dokuwiki | 2024-11-21 | N/A |
| DokuWiki through 2017-02-19c has stored XSS when rendering a malicious language name in a code element, in /inc/parser/xhtml.php. An attacker can create or edit a wiki with this element to trigger JavaScript execution. | ||||
| CVE-2017-12583 | 1 Dokuwiki | 1 Dokuwiki | 2024-11-21 | N/A |
| DokuWiki through 2017-02-19b has XSS in the at parameter (aka the DATE_AT variable) to doku.php. | ||||