A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an attacker to bypass authentication via repeated parameters.
{ "ubuntu_priority": "medium" }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "3.20180228-1", "binary_name": "ikiwiki" } ] }