CVE-2017-18123 (debian_linux, dokuwiki)

maltiger

The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18123