Two vulnerabilities were discovered in moin, a Python clone of WikiWiki. CVE-2020-15275 Catarina Leite discovered that moin is prone to a stored XSS vulnerability via SVG attachments. CVE-2020-25074 Michael Chapman discovered that moin is prone to a remote code execution vulnerability via the cache action. For the stable distribution (buster), these problems have been fixed in version 1.9.9-1+deb10u1. We recommend that you upgrade your moin packages. For the detailed security status of moin please refer to its security tracker page at: https://security-tracker.debian.org/tracker/moin
Two vulnerabilities were discovered in moin, a Python clone of WikiWiki.
Catarina Leite discovered that moin is prone to a stored XSS vulnerability via SVG attachments.
Michael Chapman discovered that moin is prone to a remote code execution vulnerability via the cache action.
For the stable distribution (buster), these problems have been fixed in version 1.9.9-1+deb10u1.
We recommend that you upgrade your moin packages.
For the detailed security status of moin please refer to its security tracker page at: https://security-tracker.debian.org/tracker/moin