DokuWiki 2014-05-05a and earlier, when using Active Directory for LDAP authentication, allows remote attackers to bypass authentication via a user name and password starting with a null (\0) character, which triggers an anonymous bind.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "dokuwiki", "binary_version": "0.0.20140929.d-1ubuntu1" } ] }
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-8764.json"