15 matches found
CVE-2010-2969
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/LikePages.py, 2 action/chart.py, and 3 action/userprofile.py, a similar issue to...
MoinMoin cross-site scripting (XSS) vulnerability
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/LikePages.py, 2 action/chart.py, and 3 action/userprofile.py, a similar issue to...
MoinMoin cross-site scripting (XSS) vulnerability
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/SlideShow.py, 2 action/anywikidraw.py, and 3 action/languagesetup.py, a similar issue to CVE-2010-2487...
GHSA-2J76-26QQ-7RVV MoinMoin cross-site scripting (XSS) vulnerability
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/LikePages.py, 2 action/chart.py, and 3 action/userprofile.py, a similar issue to...
Debian Security Advisory DSA 2083-1 (moin)
The remote host is missing an update to moin announced via advisory DSA 2083-1. OpenVAS Vulnerability Test $Id: deb20831.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2083-1 moin Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/LikePages.py, 2 action/chart.py, and 3 action/userprofile.py, a similar issue to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/SlideShow.py, 2 action/anywikidraw.py, and 3 action/languagesetup.py, a similar issue to CVE-2010-2487...
CVE-2010-2487
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 Page.py, 2 PageEditor.py, 3 PageGraphicalEditor.py, 4 action/CopyPage.py, 5...
CVE-2010-2969
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/LikePages.py, 2 action/chart.py, and 3 action/userprofile.py, a similar issue to...
CVE-2010-2487
Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 Page.py, 2 PageEditor.py, 3 PageGraphicalEditor.py, 4 action/CopyPage.py, 5...
CVE-2010-2970
MoinMoin 1.9.x prior to 1.9.3 is affected by CVE-2010-2970 (XSS) via crafted content in action/SlideShow.py, action/anywikidraw.py, and action/language_setup.py. The vulnerability allows remote attackers to inject arbitrary script/HTML; impact is partial integrity and potential client-side data e...
CVE-2010-2487
CVE-2010-2487 corresponds to MoinMoin XSS vulnerabilities affecting versions up to 1.9.3 (and earlier 1.7.3, 1.8.x until 1.8.8). Affected components include Page.py, PageEditor.py, PageGraphicalEditor.py, and various actions (CopyPage, Load, RenamePage, backup, login, newaccount, recoverpass). Im...
CVE-2010-2487
Removed by vendor...
CVE-2010-2969
Removed by vendor...
MoinMoin 'PageEditor.py' Cross-Site Scripting Vulnerability
MoinMoin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker...