Debian: Security Advisory (DLA-717-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for moin FEDORA-2016-cde4525fab

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : moin (2016-d40c768095)

Update to 1.9.9 bugfix release for CVE-2016-7146, CVE-2016-7148 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Fedora 25 : moin (2016-cde4525fab)

Update to 1.9.9 bugfix release for CVE-2016-7146, CVE-2016-7148 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Debian DLA-717-1 : moin security update

Several cross-site scripting vulnerabilities were discovered in moin, a Python clone of WikiWiki. A remote attacker can conduct cross-site scripting attacks via the GUI editor's attachment dialogue CVE-2016-7146 and the GUI editor's link dialogue CVE-2016-9119. For Debian 7 'Wheezy', these proble...

MoinMoin 1.9.8 Cross Site Scripting Vulnerability

MoinMoin version 1.9.8 suffers from cross site scripting vulnerabilities. 1. Introduction Affected Product: MoinMoin 1.9.8 Fixed in: 1.9.9 Fixed Version Link: http://static.moinmo.in/files/moin-1.9.9.tar.gz Vendor Website: https://moinmo.in Vulnerability Type: XSS Remote Exploitable: Yes Reported...

MoinMoin 1.9.8 Cross Site Scripting

Security Advisory - Curesec Research Team 1. Introduction Affected Product: MoinMoin 1.9.8 Fixed in: 1.9.9 Fixed Version Link: http://static.moinmo.in/files/moin-1.9.9.tar.gz Vendor Website: https://moinmo.in Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 09/05/2016 Disclosed...

Debian DSA-3715-1 : moin - security update

Several cross-site scripting vulnerabilities were discovered in moin, a Python clone of WikiWiki. A remote attacker can conduct cross-site scripting attacks via the GUI editor's attachment dialogue CVE-2016-7146 , the AttachFile view CVE-2016-7148 and the GUI editor's link dialogue CVE-2016-9119...

CVE-2016-7146

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting XSS" issue affecting the action=fckdialog&dialog=attachment via page name component...

CVE-2016-7146

Removed by vendor...

CVE-2016-7146

CVE-2016-7146 affects MoinMoin 1.9.8, where a Cross-Site Scripting (XSS) flaw allows remote attackers to inject JavaScript via the page creation or crafted URL, specifically through the action=fckdialog&dialog=attachment (via page name) component. Connected advisories corroborate the issue and li...

UBUNTU-CVE-2016-7146

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting XSS" issue affecting the action=fckdialog&dialog=attachment via page name component...

moinmoin -- XSS vulnerabilities

Thomas Waldmann reports: fix XSS in AttachFile view multifile related CVE-2016-7148 fix XSS in GUI editor's attachment dialogue CVE-2016-7146 fix XSS in GUI editor's link dialogue CVE-2016-9119...