Описание
An arbitrary file upload vulnerability in the Media Manager component of DokuWiki 2024-02-06a allows attackers to execute arbitrary code by uploading a crafted SVG file. NOTE: as noted in the 4267 issue reference, there is a position that exploitability can only occur with a misconfiguration of the product.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | disputed |
| esm-apps/bionic | not-affected | disputed |
| esm-apps/focal | not-affected | disputed |
| esm-apps/jammy | not-affected | disputed |
| esm-apps/noble | not-affected | disputed |
| esm-apps/xenial | not-affected | disputed |
| focal | not-affected | disputed |
| jammy | not-affected | disputed |
| mantic | ignored | end of life, was needs-triage |
| noble | not-affected | disputed |
Показывать по
6.1 Medium
CVSS3
Связанные уязвимости
An arbitrary file upload vulnerability in the Media Manager component of DokuWiki 2024-02-06a allows attackers to execute arbitrary code by uploading a crafted SVG file. NOTE: as noted in the 4267 issue reference, there is a position that exploitability can only occur with a misconfiguration of the product.
An arbitrary file upload vulnerability in the Media Manager component ...
An arbitrary file upload vulnerability in the Media Manager component of DokuWiki 2024-02-06a allows attackers to execute arbitrary code via uploading a crafted SVG file.
6.1 Medium
CVSS3