Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 386155 - <www-apps/dokuwiki-20110525a: web script injection (CVE-2011-2510)
Summary: <www-apps/dokuwiki-20110525a: web script injection (CVE-2011-2510)
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B4 [glsa]
Depends on:
Reported: 2011-10-07 22:04 UTC by GLSAMaker/CVETool Bot
Modified: 2013-01-09 00:54 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2011-10-07 22:04:47 UTC
CVE-2011-2510 (
  Cross-site scripting (XSS) vulnerability in the RSS embedding feature in
  DokuWiki before 2011-05-25a Rincewind allows remote attackers to inject
  arbitrary web script or HTML via a link.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2011-10-09 12:24:52 UTC
Please punt vulnerable versions.
Comment 2 Lance Albertson (RETIRED) gentoo-dev 2012-05-13 08:17:30 UTC
Removed old versions.
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2013-01-09 00:54:40 UTC
This issue was resolved and addressed in
 GLSA 201301-07 at
by GLSA coordinator Stefan Behte (craig).