CVE-2022-3123
5.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Summary
Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| splitbrain | splitbrain/dokuwiki | unspecified < 2022-07-31a | affected |
Weaknesses
- CWE-79: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
ADP Enrichment
CVE Program Container
Additional References
- https://huntr.dev/bounties/d72a979b-57db-4201-9500-66b49a5c1345
- https://github.com/splitbrain/dokuwiki/commit/63e9a247c072008a031f9db39fa496f6aca489b6
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LLNV7GYZPGLIKBLISVQUREQXE3WHI5R2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XIWZXLDU7SUS2FANXQRCHJY3F3SWT27E/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZQTVHRBEVMSKQESNFLU7MAUAB3R3PG2/
References
- https://huntr.dev/bounties/d72a979b-57db-4201-9500-66b49a5c1345
- https://github.com/splitbrain/dokuwiki/commit/63e9a247c072008a031f9db39fa496f6aca489b6
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LLNV7GYZPGLIKBLISVQUREQXE3WHI5R2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XIWZXLDU7SUS2FANXQRCHJY3F3SWT27E/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PZQTVHRBEVMSKQESNFLU7MAUAB3R3PG2/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.