TWiki Security Alert CVE-2014-7236: Remote Perl code execution with query string to debug TWiki plugins

Posted by Peter Thoeny on Oct 09

This is an advisory for TWiki administrators: The debugenableplugins request parameter allows arbitrary Perl code
execution.

TWiki ( http://twiki.org ) is an Open Source Enterprise Wiki and Web Application Platform used by millions of people.

* Vulnerable Software Version
* Attack Vectors
* Impact
* Severity Level
* MITRE Name for this Vulnerability
* Details
* Countermeasures
* Hotfix for TWiki Production Release 6.0.0…

Leave a Reply