S4E

CVE-2017-12583 Scanner

Detects 'Cross-Site Scripting (XSS)' vulnerability in DokuWiki affects v. through 2017-02-19b.

Short Info


Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

29 days

Scan only one

URL

Toolbox

-

DokuWiki is an open-source software that allows users to easily manage and collaborate on the creation of documentation, such as wikis, FAQs, and manuals. It is used by companies, organizations, and individuals to create and organize their knowledge and information in a centralized location that is easily accessible to their teams. DokuWiki is designed to be simple and flexible, allowing users to easily customize its features and functionality to meet their specific needs.

The CVE-2017-12583 vulnerability detected in DokuWiki through 2017-02-19b is related to XSS (cross-site scripting) in the at parameter or DATE_AT variable to doku.php. This vulnerability can be exploited by attackers to inject malicious scripts or content into a webpage that is accessed by users of the affected software. It is important to note that this vulnerability can only be exploited by attackers who have access to the system or network where DokuWiki is installed.

When exploited, the CVE-2017-12583 vulnerability can lead to theft of sensitive information, unauthorized access to data, and the compromise of the entire system or network. Attackers can gain access to sensitive information by injecting malicious scripts or content into webpages and capturing user data, such as login credentials, credit card information, and other personally identifiable information. They can also use this vulnerability to gain administrative access to the system or network, giving them the ability to execute commands and take control of the affected systems.

Thanks to the pro features of the s4e.io platform, readers of this article can easily and quickly learn about vulnerabilities in their digital assets. The platform provides comprehensive vulnerability assessment and management tools that can help protect against the latest security threats. With s4e.io, users can easily stay up-to-date on the latest security vulnerabilities and take proactive steps to protect their systems, networks, and digital assets.

 

REFERENCES

Get started to protecting your Free Full Security Scan