Information on source package ikiwiki

Available versions

wheezy (security)3.20120629.2+deb7u2
jessie (security)3.20141016.4

Resolved issues

TEMP-0000000-673AE0ikiwiki allows web user to edit images and other non-page format files in the wiki
CVE-2017-0356Authentication bypass via repeated parameters
CVE-2016-9646commit metadata forgery
CVE-2016-9645incomplete fix for CVE-2016-10026
CVE-2016-4561Cross-site scripting (XSS) vulnerability in the cgierror function in ...
CVE-2016-10026ikiwiki 3.20161219 does not properly check if a revision changes the ...
CVE-2015-2793cross-site scripting via openid_identifier
CVE-2012-0220Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin ...
CVE-2011-1408ikiwiki tty hijacking vulnerability
CVE-2011-1401ikiwiki before 3.20110328 does not ascertain whether the htmlscrubber ...
CVE-2010-1673ikiwiki xss due to insufficient html scrubbing
CVE-2010-1195Cross-site scripting (XSS) vulnerability in the htmlscrubber component ...
CVE-2009-2944Incomplete blacklist vulnerability in the teximg plugin in ikiwiki ...
CVE-2008-0809Cross-site scripting (XSS) vulnerability in the htmlscrubber in ...
CVE-2008-0808Cross-site scripting (XSS) vulnerability in the meta plugin in Ikiwiki ...
CVE-2008-0169Plugin/ (aka the passwordauth plugin) in ikiwiki 1.34 ...
CVE-2008-0165Cross-site request forgery (CSRF) vulnerability in Ikiwiki before 2.42 ...

Security announcements

DSA / DLADescription
DLA-812-1ikiwiki - security update
DSA-3760-1ikiwiki - security update
DLA-463-1ikiwiki - security update
DSA-3571-1ikiwiki - security update
DSA-2474-1ikiwiki - cross-site scripting
DSA-2214-1ikiwiki - missing input validation
DSA-2214-1ikiwiki - missing input validation
DSA-2020-1ikiwiki - cross-site scripting
DSA-1875-1ikiwiki - information disclosure
DSA-1553-1ikiwiki - cross-site request forgery
DSA-1523-1ikiwiki - cross-site scripting

Search for package or bug name: Reporting problems