Debian 10225 Published by

Updated dokuwiki packages has been released for Debian GNU/Linux 7 LTS



Package : dokuwiki
Version : 0.0.20120125b-2+deb7u2
CVE ID : CVE-2017-18123
Debian Bug : #889281

It was discovered that an XHR/AJAX call did not properly encode user
input in the "dokuwiki" wiki platform. This resulted in a reflected file
download vulnerability.

For Debian 7 "Wheezy", this issue has been fixed in dokuwiki version
0.0.20120125b-2+deb7u2.

We recommend that you upgrade your dokuwiki packages.