PRIOn knowledge basePRION:CVE-2009-0312

HistoryJan 28, 2009 - 1:30 a.m.

Cross site scripting

2009-01-2801:30:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

75.1%

JSON

Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content.

CPENameOperatorVersion
moinmoineq1.8.1
moinmoineq1.7.0

CPE	Name	Operator	Version
	moinmoin	eq	1.8.1
	moinmoin	eq	1.7.0

References

hg.moinmo.in/moin/1.7/rev/89b91bf87dad

hg.moinmo.in/moin/1.8/rev/89b91bf87dad

moinmo.in/SecurityFixes

osvdb.org/51632

secunia.com/advisories/33716

secunia.com/advisories/33755

www.openwall.com/lists/oss-security/2009/01/27/4

exchange.xforce.ibmcloud.com/vulnerabilities/48306

usn.ubuntu.com/716-1/

www.debian.org/security/2009/dsa-1715

6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

75.1%

JSON

Related for PRION:CVE-2009-0312