CVE-2017-0356
N/A
N/A
Summary
A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an attacker to bypass authentication via repeated parameters.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| ikiwiki | ikiwiki | before 3.20170111 | affected |
Weaknesses
- authentication bypass
ADP Enrichment
CVE Program Container
Additional References
- https://www.debian.org/security/2017/dsa-3760
- https://ikiwiki.info/security/#cve-2017-0356
- https://marc.info/?l=oss-security&m=148418234314276&w=2
- http://www.securityfocus.com/bid/95420
References
- https://www.debian.org/security/2017/dsa-3760
- https://ikiwiki.info/security/#cve-2017-0356
- https://marc.info/?l=oss-security&m=148418234314276&w=2
- http://www.securityfocus.com/bid/95420
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.