Lucene search

GitHub Advisory DatabaseGHSA-977V-29J9-9RXC

HistoryMay 02, 2022 - 6:14 a.m.

MoinMoin improper sanitizes user profiles

2022-05-0206:14:38

GitHub Advisory Database

github.com

6.7 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.8%

MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.

CPENameOperatorVersion
moinlt1.9.2
moinlt1.8.7

CPE	Name	Operator	Version
	moin	lt	1.9.2
	moin	lt	1.8.7

References

hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES

moinmo.in/MoinMoinRelease1.8

moinmo.in/SecurityFixes

www.debian.org/security/2010/dsa-2014

www.openwall.com/lists/oss-security/2010/02/15/2

www.openwall.com/lists/oss-security/2010/02/15/4

www.openwall.com/lists/oss-security/2010/02/21/2

github.com/advisories/GHSA-977v-29j9-9rxc

nvd.nist.gov/vuln/detail/CVE-2010-0669

web.archive.org/web/20111225112846/secunia.com/advisories/38903

web.archive.org/web/20140806190238/secunia.com/advisories/38444

web.archive.org/web/20200228174758/www.securityfocus.com/bid/38023