8 matches found
Debian Security Advisory DSA 2593-1 (moin - several vulnerabilities)
It was discovered that missing input validation in the twikidraw and anywikidraw actions can result in the execution of arbitrary code. This security issue is being actively exploited. This update also addresses path traversal in AttachFile. OpenVAS Vulnerability Test $Id: deb25931.nasl 6611...
Fedora Update for moin FEDORA-2013-0685
Check for the Version of moin OpenVAS Vulnerability Test Fedora Update for moin FEDORA-2013-0685 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...
Fedora Update for moin FEDORA-2013-0685
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for moin FEDORA-2013-0600
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2012-6082
Cross-site scripting XSS vulnerability in the rsslink function in theme/init.py in MoinMoin 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link...
CVE-2012-6082
Cross-site scripting XSS vulnerability in the rsslink function in theme/init.py in MoinMoin 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link...
CVE-2012-6082
Cross-site scripting XSS vulnerability in the rsslink function in theme/init.py in MoinMoin 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link...
CVE-2012-6082
CVE-2012-6082 concerns MoinMoin prior to 1.9.6. The vulnerability is an XSS in the rsslink function (theme/init .py) where the page name parameter is not properly sanitized, allowing remote attackers to inject arbitrary HTML/JavaScript. Public references describe affected versions as 1.9.5 and ea...