Cross-site scripting (XSS) vulnerability in the mediamanager module in DokuWiki before 2006-03-05 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors relating to "handling EXIF data."Referenceshttp://www.vupen.com/english/advisories/2006/0909http://wiki.splitbrain.org/wiki%3Achangeshttps://exchange.xforce.ibmcloud.com/vulnerabilities/25137http://www.securityfocus.com/bid/17065http://secunia.com/advisories/19186
