dokuwiki: cross-site request forgeries
| Package(s): | dokuwiki | CVE #(s): | CVE-2010-0287 CVE-2010-0288 CVE-2010-0289 | ||||||||||||
| Created: | February 5, 2010 | Updated: | February 10, 2010 | ||||||||||||
| Description: | From the Red
Hat bugzilla:
The DokuWiki BTS identified another security vulnerability in the ACL manager. The plugin does not check against cross-site request forgeries (CSRF) which can be exploited to, for example, change access control rules by tricking a logged-in administrator into visiting a malicious website. | ||||||||||||||
| Alerts: |
| ||||||||||||||