Moinmoin Cross Site Scripting via RST parser with CVE-2011-105
| Title | Published | Family |
|---|---|---|
| PYSEC-2011-6 | 22 Feb 2011 18:00 | osv |
| Fedora Update for moin FEDORA-2011-2156 | 8 Mar 2011 00:00 | openvas |
| Debian Security Advisory DSA 2321-1 (moin) | 16 Oct 2011 00:00 | openvas |
| FreeBSD Ports: moinmoin | 7 Sep 2012 00:00 | openvas |
| MoinMoin < 1.9.4 Cross-Site Scripting Vulnerabilities - Windows | 12 Feb 2018 00:00 | openvas |
| Fedora Update for moin FEDORA-2011-2157 | 8 Mar 2011 00:00 | openvas |
| Debian: Security Advisory (DSA-2321-1) | 16 Oct 2011 00:00 | openvas |
| MoinMoin < 1.9.4 Cross-Site Scripting Vulnerabilities - Linux | 12 Feb 2018 00:00 | openvas |
```
Hi, I reported the xss in moinmoin which is made possible via the RST
parser / mark-up.
Here is a demonstration / proof of concept of abusing the refuri via a
javascript link.
{{{#!rst
"`NotMe <javascript:alert(1)>`_" , "MORELOL"
}}}
Information about CVE-2011-1058 can also be found at
http://secunia.com/advisories/cve_reference/CVE-2011-1058/
```
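A defensive check for the issue reported above, as an added example that is not part of the original report or of MoinMoin's code: it pulls embedded link targets out of RST source and rejects any refuri whose scheme is not on an allowlist. The regex extraction (a real parser would inspect the docutils reference nodes instead), the function names, the allowlist and the sample input are assumptions made for illustration.

```python
import re

# Assumption: schemes a wiki lets a link target use; adjust per deployment.
ALLOWED_SCHEMES = {"http", "https", "ftp", "mailto"}

# RST embedded-URI hyperlink reference: `link text <target>`_
EMBEDDED_URI = re.compile(r"`[^`<]*<([^`>]*)>`__?")
# RFC 3986 scheme: ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) ":"
SCHEME = re.compile(r"^([a-z][a-z0-9+.\-]*):")


def normalize(uri):
    """Drop whitespace and control characters that browsers ignore inside a
    scheme, then lowercase, so 'JaVa\\tScript:' is seen as 'javascript:'."""
    return "".join(ch for ch in uri if ch > " " and ch != "\x7f").lower()


def is_safe_refuri(uri):
    """True for relative references and for allowlisted schemes only."""
    cleaned = normalize(uri)
    match = SCHEME.match(cleaned)
    if match is None:
        # No valid scheme: relative link or page name. Still refuse a colon
        # before the first '/', '?' or '#', which could be read as a scheme.
        head = re.split(r"[/?#]", cleaned, maxsplit=1)[0]
        return ":" not in head
    return match.group(1) in ALLOWED_SCHEMES


def unsafe_refuris(rst_source):
    """Return every embedded link target in rst_source that fails the check."""
    return [t for t in EMBEDDED_URI.findall(rst_source) if not is_safe_refuri(t)]


# Constructed sample input; the first line is the markup from the report above.
SAMPLE = "\n".join([
    '"`NotMe <javascript:alert(1)>`_" , "MORELOL"',
    "`Docs <https://example.org/docs>`_",
    "`Mixed <JaVaScRiPt:alert(1)>`_",
    "`Local <HelpOnLinking#anchors>`_",
])

if __name__ == "__main__":
    for target in unsafe_refuris(SAMPLE):
        print("rejected refuri:", target)
```

The check is an allowlist rather than a `javascript:` blocklist, so any scheme not explicitly permitted is rejected along with it.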