Incomplete Fix for CVE-2016-10026 Allows Editing Restriction Bypass in ikiwiki

Incomplete Fix for CVE-2016-10026 Allows Editing Restriction Bypass in ikiwiki

CVE-2016-9645 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

The fix for ikiwiki for CVE-2016-10026 was incomplete resulting in editing restriction bypass for git revert when using git versions older than 2.8.0. This has been fixed in 3.20161229.

Learn more about our Web Application Penetration Testing UK.