CVE-2010-0289

Priority
Medium
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL
Manager plugin (plugins/acl/ajax.php) in DokuWiki before 2009-12-25c allow
remote attackers to hijack the authentication of administrators for
requests that modify access control rules, and other unspecified requests,
via unknown vectors.
References
Bugs
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Ubuntu Touch 15.04:DNE
Ubuntu Core 15.04:DNE
Ubuntu 15.10 (Wily Werewolf):ignored (reached end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 16.10 (Yakkety Yak):needs-triage
More Information

Updated: 2016-08-01 16:15:03 UTC (commit 11295)