CVE-2025-61224

Опубликовано: 06 окт. 2025

Источник: debian

EPSS Низкий

Описание

Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'[56.1] allows a remote attacker to execute arbitrary code via the q parameter

Пакет	Статус	Версия исправления	Релиз	Тип
dokuwiki	fixed	2025-05-14.b+dfsg-1		package
dokuwiki	no-dsa		trixie	package
dokuwiki	no-dsa		bookworm	package
dokuwiki	postponed		bullseye	package

https://github.com/dokuwiki/dokuwiki/issues/4512
Fixed by: https://github.com/dokuwiki/dokuwiki/commit/84f2d3156dbe7e95e360366199807c520b866e4f (release-2025-05-14b)

EPSS

Процентиль: 30%

0.00114

Низкий

CVE-2025-61224

CVSS3: 6.5

ubuntu

4 месяца назад

Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'[56.1] allows a remote attacker to execute arbitrary code via the q parameter

CVE-2025-61224

CVSS3: 6.5

nvd

4 месяца назад

Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'[56.1] allows a remote attacker to execute arbitrary code via the q parameter

GHSA-pp4p-g4w7-gvp7

CVSS3: 6.5

github

4 месяца назад

Cross Site Scripting vulnerability in DokuWiki 2025-05-14a 'Librarian'[56.1] allows a remote attacker to execute arbitrary code via the q parameter

EPSS

Процентиль: 30%

0.00114

Низкий