NuytsTech Security

CVE-2014-8764

by ·

DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null () character, which triggers an anonymous bind.

Date published : 2014-10-22

http://advisories.mageia.org/MGASA-2014-0438.html

https://github.com/splitbrain/dokuwiki/pull/868

Tags: