Lucene search
GoogleOSV:DSA-2083-1HistoryAug 02, 2010 - 12:00 a.m.
moin - cross-site scripting
2010-08-0200:00:00
Google
osv.dev
5
0.008 Low
EPSS
Percentile
81.2%
It was discovered that moin, a python clone of WikiWiki, does not sufficiently
sanitize parameters when passing them to the add_msg function. This allows a
remote attackers to conduct cross-site scripting (XSS) attacks for example
via the template parameter.
For the stable distribution (lenny), this problem has been fixed in
version 1.7.1-3+lenny5.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1.9.3-1.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moin | eq | 1.7.1-3+lenny1 | |
| moin | eq | 1.7.1-3+lenny3 | |
| moin | eq | 1.7.1-3+lenny4 | |
| moin | eq | 1.7.1-3+lenny2 |
References
Related
cve
cve
openvas
openvas
Debian Security Advisory DSA 2083-1 (moin)
2010-08-21 00:00:00
Debian: Security Advisory (DSA-2083-1)
2010-08-21 00:00:00
Ubuntu Update for moin vulnerabilities USN-977-1
2010-08-30 00:00:00
prion
prion
Cross site scripting
2010-08-05 13:22:00
Cross site scripting
2010-08-05 13:22:00
Cross site scripting
2010-08-05 13:22:00
github
github
MoinMoin Cross-site Scripting (XSS) vulnerability
2022-05-17 05:49:23
MoinMoin cross-site scripting (XSS) vulnerability
2022-05-17 05:49:23
MoinMoin cross-site scripting (XSS) vulnerability
2022-05-17 05:49:23
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2010-08-05 00:00:00
[USN-977-1] MoinMoin vulnerabilities
2010-08-26 00:00:00
cvelist
cvelist
ubuntucve
ubuntucve
nessus
nessus
MoinMoin PageEditor.py template Parameter XSS
2010-06-07 00:00:00
Debian DSA-2083-1 : moin - missing input sanitization
2010-08-04 00:00:00
nvd
nvd
osv
osv
PYSEC-2010-16
2010-08-05 13:22:00
MoinMoin cross-site scripting (XSS) vulnerability
2022-05-17 05:49:23
PYSEC-2010-18
2010-08-05 13:22:00
debiancve
debiancve
debian
debian
[SECURITY] [DSA 2083-1] New moin packages fix cross-site scripting
2010-08-02 19:09:12
ubuntu
ubuntu
MoinMoin vulnerabilities
2010-08-25 00:00:00
gentoo
gentoo
MoinMoin: Multiple vulnerabilities
2012-10-18 00:00:00