11 matches found
EUVD-2012-0017
Malware in sbrugna...
GHSA-G4MX-RM5Q-VH24 MoinMoin Improper Access Control
security/init.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group...
MoinMoin 1.9 < 1.9.5 ACL Security Vulnerability - Windows
MoinMoin does not properly handle group names that contain virtual group names such as SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : moin vulnerabilities (USN-1604-1)
It was discovered that MoinMoin did not properly sanitize certain input, resulting in a cross-site scripting XSS vulnerability. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to...
CVE-2012-4404
security/init.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group...
PYSEC-2012-10
security/init.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group...
Design/Logic Flaw
security/init.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group...
CVE-2012-4404
Removed by vendor...
CVE-2012-4404
CVE-2012-4404 affects MoinMoin 1.9 through 1.9.4, where security/init .py mishandles group names containing virtual groups (e.g., All, Known, Trusted). This allows remote authenticated users with virtual group membership to be treated as group members, constituting an access-control vulnerability...
CVE-2012-4404
security/init.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group...
CVE-2012-4404
security/init.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as "All," "Known," or "Trusted," which allows remote authenticated users with virtual group membership to be treated as a member of the group...