Andreas Gohr

3 exploits Active since Mar 2015
CVE-2015-2172 WRITEUP WRITEUP
Dokuwiki < 2014-05-05d - Improper Access Control
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via a request to the XMLRPC API.
CVE-2022-3123 WRITEUP MEDIUM WRITEUP
Dokuwiki < 2022-07-31a - XSS
Cross-site Scripting (XSS) - Reflected in GitHub repository splitbrain/dokuwiki prior to 2022-07-31a.
CVSS 6.1
CVE-2023-34408 WRITEUP MEDIUM WRITEUP
Dokuwiki < 2023-04-04a - XSS
DokuWiki before 2023-04-04a allows XSS via RSS titles.
CVSS 5.4