DokuWiki: PHP code injection

A flaw in DokuWiki's spell checker allows for the execution of arbitrary PHP commands, even without proper authentication.

DokuWiki 2006-06-14 2006-06-14 135623 remote 20060309-r1 20060309-r1

DokuWiki is a simple to use wiki targeted at developer teams, workgroups and small companies.

Stefan Esser discovered that the DokuWiki spell checker fails to properly sanitize PHP's "complex curly syntax".

An unauthenticated remote attacker may execute arbitrary PHP commands - and thus possibly arbitrary system commands - with the permissions of the user running the webserver that serves DokuWiki pages.

There is no known workaround at this time.

All DokuWiki users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/dokuwiki-20060309-r1"

Hardened-PHP advisory
CVE-2006-2878

falco frilled falco