Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is resultant from CVE-2012-2129: "the exploit code simply uses the XSS hole to extract a valid CSRF token."
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2012-08-27T00:00:00
Updated: 2023-02-12T00:00:00
Reserved: 2012-04-04T00:00:00
Link: CVE-2012-2128
JSON object: View
NVD Information
Status : Modified
Published: 2012-08-27T21:55:01.697
Modified: 2024-05-17T00:52:20.060
Link: CVE-2012-2128
JSON object: View
Redhat Information
No data.
CWE