ID de Prueba:	1.3.6.1.4.1.25623.1.0.800989
Categoría:	Web application abuses
Título:	DokuWiki Multiple CSRF Vulnerabilities
Resumen:	Dokuwiki is prone to multiple Cross Site Scripting vulnerabilities.
Descripción:	Summary: Dokuwiki is prone to multiple Cross Site Scripting vulnerabilities. Vulnerability Insight: The flaws are due to error in 'ACL' Manager plugin (plugins/acl/ajax.php) that allows users to perform certain actions via HTTP requests without performing any validity checks. Vulnerability Impact: Successful exploitation allows attackers to conduct cross site request forgery attacks via unknown vectors. Affected Software/OS: Dokuwiki versions prior to 2009-12-25c Solution: Update to version 2009-12-25c or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0289 38205 http://secunia.com/advisories/38205 61708 http://osvdb.org/61708 DSA-1976 http://www.debian.org/security/2010/dsa-1976 FEDORA-2010-0770 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034729.html FEDORA-2010-0800 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/034831.html GLSA-201301-07 http://security.gentoo.org/glsa/glsa-201301-07.xml http://bugs.splitbrain.org/index.php?do=details&task_id=1853 http://freshmeat.net/projects/dokuwiki/tags/security-fix http://www.splitbrain.org/blog/2010-01/17-dokuwiki-security
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.