CVE-2014-8762
NONE
Published Oct 22, 201411y ago · Modified Jun 17, 20262w ago
Published Oct 22, 2014 11y ago
Last Modified Jun 17, 2026 2w ago
Description
The ajax_mediadiff function in DokuWiki before 2014-05-05a allows remote attackers to access arbitrary images via a crafted namespace in the ns parameter.
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| dokuwiki | dokuwiki | * | ≤2013-12-08 |
References 7
- advisories.mageia.org http://advisories.mageia.org/MGASA-2014-0438.html
- secunia.com http://secunia.com/advisories/61983
- debian.org http://www.debian.org/security/2014/dsa-3059
- openwall.com http://www.openwall.com/lists/oss-security/2014/10/13/3
- openwall.com http://www.openwall.com/lists/oss-security/2014/10/16/9
- securityfocus.com http://www.securityfocus.com/bid/70404
- github.com https://github.com/splitbrain/dokuwiki/issues/765
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.