Published: 13/02/2007 Updated: 15/11/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Unspecified vulnerability in the "Show debugging information" feature in MoinMoin 1.5.7 allows remote malicious users to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
moinmoin moinmoin 1.5.7

Debian Bug report logs - #411084 CVE-2007-0901,0902: XSS in debugging information Package: moin; Maintainer for moin is Steve McIntyre <93sam@debianorg>; Reported by: Kees Cook <kees@outfluxnet> Date: Thu, 15 Feb 2007 21:45:02 UTC Severity: grave Tags: patch, security Found in version 134-3 Fixed in version 15 ...

A flaw was discovered in MoinMoin’s debug reporting sanitizer which could lead to a cross-site scripting attack By tricking a user into viewing a crafted MoinMoin URL, an attacker could execute arbitrary JavaScript as the current MoinMoin user, possibly exposing the user’s authentication information for the domain where MoinMoin was hosted O ...

NVD-CWE-Other http://secunia.com/advisories/24138 http://www.ubuntu.com/usn/usn-423-1 http://www.securityfocus.com/bid/22515 http://secunia.com/advisories/24244 http://osvdb.org/33173 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=411084 https://usn.ubuntu.com/423-1/https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-0902

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect