DokuWiki Multiple Cross Site Request Forgery Vulnerabilities

Summary
This host is installed with Dokuwiki and is prone to multiple Cross Site Scripting vulnerabilities.
Impact
Successful exploitation allows attackers to conduct cross site request forgery attacks via unknown vectors. Impact Level: Application.
Solution
Update to version 2009-12-25c or later. For updates refer to http://www.splitbrain.org/go/dokuwiki
Insight
The flaws are due to error in 'ACL' Manager plugin (plugins/acl/ajax.php) that allows users to perform certain actions via HTTP requests without performing any validity checks.
Affected
Dokuwiki versions prior to 2009-12-25c
References