CVEs-PoC/2012/CVE-2012-2129.md

CVE-2012-2129

Description

Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to inject arbitrary web script or HTML via the target parameter in an edit action.

POC

Reference

• http://seclists.org/bugtraq/2012/Apr/121
• http://www.openwall.com/lists/oss-security/2012/04/22/4
• http://www.openwall.com/lists/oss-security/2012/04/23/1
• https://bugzilla.redhat.com/show_bug.cgi?id=815122

Github

• https://github.com/Live-Hack-CVE/CVE-2012-2128