Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and login to any account for which an OpenID identity is configured and a password is not configured, by specifying an empty password during the login sequence.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ikiwiki openid和/passwordauth 插件身份认证绕过漏洞
Vulnerability Description
Ikiwiki是软件开发者Joey和其他贡献者共同开发的一款wiki编译器,它支持将wiki页面转换为网站发布的HTML页面。 Ikiwiki在处理访问认证时存在漏洞,如果在Ikiwiki中启用了openid和passwordauth插件的话(默认配置),用户就可以通过带有空口令的登录请求绕过认证限制登录,访问openid相关帐号。
CVSS Information
N/A
Vulnerability Type
N/A