Lucene search

K

RedhatCVELIST:CVE-2010-2487

HistoryAug 04, 2010 - 9:00 p.m.

CVE-2010-2487

2010-08-0421:00:00

redhat

www.cve.org

1

5.5 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) Page.py, (2) PageEditor.py, (3) PageGraphicalEditor.py, (4) action/CopyPage.py, (5) action/Load.py, (6) action/RenamePage.py, (7) action/backup.py, (8) action/login.py, (9) action/newaccount.py, and (10) action/recoverpass.py.

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809

hg.moinmo.in/moin/1.7/rev/37306fba2189

hg.moinmo.in/moin/1.8/raw-file/1.8.8/docs/CHANGES

hg.moinmo.in/moin/1.8/rev/4238b0c90871

hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES

hg.moinmo.in/moin/1.9/rev/68ba3cc79513

hg.moinmo.in/moin/1.9/rev/e50b087c4572

marc.info/?l=oss-security&m=127799369406968&w=2

marc.info/?l=oss-security&m=127809682420259&w=2

moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg

moinmo.in/MoinMoinRelease1.8

moinmo.in/MoinMoinRelease1.9

moinmo.in/SecurityFixes

secunia.com/advisories/40836

www.debian.org/security/2010/dsa-2083

www.securityfocus.com/bid/40549

www.vupen.com/english/advisories/2010/1981

5.5 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

Related for CVELIST:CVE-2010-2487

cve3 securityvulns3 openvas8 prion3 github3 nessus4 nvd3 osv6 debiancve3 debian1 ubuntucve3 cvelist2 ubuntu1 gentoo1