FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
7b35a77a-0151-11e7-ae1b-002590263bf5	ikiwiki -- authentication bypass vulnerability ikiwiki reports: The ikiwiki maintainers discovered further flaws similar to CVE-2016-9646 in the passwordauth plugin's use of CGI::FormBuilder, with a more serious impact: An attacker who can log in to a site with a password can log in as a different and potentially more privileged user. An attacker who can create a new account can set arbitrary fields in the user database for that account Discovery 2017-01-11 Entry 2017-03-05 ikiwiki < 3.20170111 CVE-2017-0356 https://ikiwiki.info/security/#index48h2

VuXML ID

Description

7b35a77a-0151-11e7-ae1b-002590263bf5

ikiwiki -- authentication bypass vulnerability

ikiwiki reports:

The ikiwiki maintainers discovered further flaws similar to CVE-2016-9646 in the passwordauth plugin's use of CGI::FormBuilder, with a more serious impact:

An attacker who can log in to a site with a password can log in as a different and potentially more privileged user.

An attacker who can create a new account can set arbitrary fields in the user database for that account

Discovery 2017-01-11
Entry 2017-03-05
ikiwiki

< 3.20170111

CVE-2017-0356
https://ikiwiki.info/security/#index48h2