_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and previous versions does not properly enforce ACLs, which allows remote malicious users to read protected pages.
Fernando Quintero discovered than MoinMoin did not properly sanitize its
input when processing login requests, resulting in cross-site scripting (XSS)
vulnerabilities With cross-site scripting vulnerabilities, if a user were
tricked into viewing server output during a crafted server request, a remote
attacker could exploit this to modify the conte ...
Several remote vulnerabilities have been discovered in MoinMoin, a
Python clone of WikiWiki The Common Vulnerabilities and Exposures
project identifies the following problems:
CVE-2007-2423
A cross-site-scripting vulnerability has been discovered in
attachment handling
CVE-2007-2637
Access control lists for calendars and includes wer ...