It was found that DokuWiki's RSS embedding mechanism did not properly
escape user-provided links. An attacker could use this flaw to conduct
cross-site scripting (XSS) attacks, potentially leading to arbitrary
This issue has been addressed in upstream "2011-05-25 Rincewind" release:
This issue affects the versions of the dokuwiki package, as shipped with
Fedora release of 14 and 15.
This issue affects the versions of the dokuwiki package, as present within
EPEL-5 and EPEL-6 repositories. Please schedule an update.
Created dokuwiki tracking bugs for this issue
Affects: epel-all [bug 717148]
Affects: fedora-all [bug 717149]
The CVE identifier of CVE-2011-2510 has been assigned to this issue: