Browse all 4 CVE security advisories affecting ikiwiki. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ikiwiki is a wiki application that enables collaborative website creation and management using a Git or Subversion backend. Historically, it has been susceptible to multiple security vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. These issues often stem from improper input validation and insufficient access controls in its plugins and core functionality. While no major public security incidents have been widely documented, the four CVEs on record highlight consistent security challenges. The application's reliance on user-generated content and plugin extensibility creates potential attack surfaces, requiring careful configuration and regular updates to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2015-2793 | Ikiwiki cross-site scripting vulnerability — ikiwiki | 6.1 | - | 2019-11-21 |
| CVE-2016-9646 | Commit metadata forgery via CGI::FormBuilder context-dependent APIs — ikiwiki | 5.3 | - | 2018-04-13 |
| CVE-2017-0356 | Authentication bypass via repeated parameters — ikiwiki | 9.8 | - | 2018-04-13 |
| CVE-2016-9645 | Editing restriction bypass for git revert — ikiwiki | 7.5 | - | 2018-04-10 |
This page lists every published CVE security advisory associated with ikiwiki. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.