CVE-2017-12583 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in DokuWiki affects v. through 2017-02-19b.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
29 days
Scan only one
URL
Toolbox
-
DokuWiki is an open-source software that allows users to easily manage and collaborate on the creation of documentation, such as wikis, FAQs, and manuals. It is used by companies, organizations, and individuals to create and organize their knowledge and information in a centralized location that is easily accessible to their teams. DokuWiki is designed to be simple and flexible, allowing users to easily customize its features and functionality to meet their specific needs.
The CVE-2017-12583 vulnerability detected in DokuWiki through 2017-02-19b is related to XSS (cross-site scripting) in the at parameter or DATE_AT variable to doku.php. This vulnerability can be exploited by attackers to inject malicious scripts or content into a webpage that is accessed by users of the affected software. It is important to note that this vulnerability can only be exploited by attackers who have access to the system or network where DokuWiki is installed.
When exploited, the CVE-2017-12583 vulnerability can lead to theft of sensitive information, unauthorized access to data, and the compromise of the entire system or network. Attackers can gain access to sensitive information by injecting malicious scripts or content into webpages and capturing user data, such as login credentials, credit card information, and other personally identifiable information. They can also use this vulnerability to gain administrative access to the system or network, giving them the ability to execute commands and take control of the affected systems.
Thanks to the pro features of the s4e.io platform, readers of this article can easily and quickly learn about vulnerabilities in their digital assets. The platform provides comprehensive vulnerability assessment and management tools that can help protect against the latest security threats. With s4e.io, users can easily stay up-to-date on the latest security vulnerabilities and take proactive steps to protect their systems, networks, and digital assets.
REFERENCES