It was discovered that the AttachFile action in moin, a python clone of WikiWiki, is prone to cross-site scripting attacks when renaming attachements or performing other sub-actions. The oldstable distribution (etch) is not vulnerable. For the stable distribution (lenny), this problem has been fixed in version 1.7.1-3+lenny2. For the testing (squeeze) distribution and the unstable distribution (sid), this problem will be fixed soon. We recommend that you upgrade your moin packages.
It was discovered that the AttachFile action in moin, a python clone of WikiWiki, is prone to cross-site scripting attacks when renaming attachements or performing other sub-actions.
The oldstable distribution (etch) is not vulnerable.
For the stable distribution (lenny), this problem has been fixed in version 1.7.1-3+lenny2.
For the testing (squeeze) distribution and the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your moin packages.
MD5 checksums of the listed files are available in the original advisory.
Vulmon