Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : moin vulnerabilities (USN-1604-1)

It was discovered that MoinMoin did not properly sanitize certain input, resulting in a cross-site scripting XSS vulnerability. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to...

Ubuntu Update for moin USN-1604-1

Ubuntu Update for Linux kernel vulnerabilities USN-1604-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16041.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for moin USN-1604-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

FreeBSD Ports: moinmoin

The remote host is missing an update to the system as announced in the referenced advisory. VID 4a8a98ab-f745-11e1-8bd8-0022156e8794 OpenVAS Vulnerability Test $ Description: Auto generated from VID 4a8a98ab-f745-11e1-8bd8-0022156e8794 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: moinmoin

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD : moinmoin -- XSS via RST parser (4a8a98ab-f745-11e1-8bd8-0022156e8794)

MITRE CVE team reports : Cross-site scripting XSS vulnerability in the reStructuredText rst parser in parser/textrst.py in MoinMoin before 1.9.4, when docutils is installed or when 'format rst' is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the...

Debian DSA-2321-1 : moin - XSS

A cross-site scripting vulnerability was discovered in the reStructuredText parser of Moin, a Python clone of WikiWiki. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-2321. The text itsel...

Fedora 14 : moin-1.9.3-4.fc14 (2011-2156)

Thu Feb 24 2011 Ville-Pekka Vainio - 1.9.3-4 - Fixes CVE-2011-1058 rhbz679523 - Tue Feb 8 2011 Fedora Release Engineering - 1.9.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora15MassRebuild Note that Tenable Network Security has extracted the preceding description block directly from the...

Fedora 13 : moin-1.9.3-4.fc13 (2011-2157)

Thu Feb 24 2011 Ville-Pekka Vainio - 1.9.3-4 - Fixes CVE-2011-1058 rhbz679523 - Tue Feb 8 2011 Fedora Release Engineering - 1.9.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora15MassRebuild - Fri Jul 23 2010 Ville-Pekka Vainio 1.9.3-2 - Rebuilt for...

Moinmoin Cross Site Scripting

Hi, I reported the xss in moinmoin which is made possible via the RST parser / mark-up. Here is a demonstration / proof of concept of abusing the refuri via a javascript link. !rst "NotMe " , "MORELOL" Information about CVE-2011-1058 can also be found at...

Fedora 15 : moin-1.9.3-4.fc15 (2011-2219)

Bug 679523 - CVE-2011-1058 MoinMoin: XSS in the rst parser Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

CVE-2011-1058

Cross-site scripting XSS vulnerability in the reStructuredText rst parser in parser/textrst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some...

CVE-2011-1058

CVE-2011-1058 is a cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser of MoinMoin. The issue occurs in parser/text_rst.py when docutils is installed or when the “format rst” setting is used, allowing remote attackers to inject arbitrary web script or HTML via a javascri...

CVE-2011-1058

Cross-site scripting XSS vulnerability in the reStructuredText rst parser in parser/textrst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some...