Published: 05/03/2008 Updated: 03/10/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and previous versions does not properly enforce ACLs, which allows remote malicious users to read protected pages.

Vulnerable Product	Search on Vulmon	Subscribe to Product
moinmoin moinmoin

Fernando Quintero discovered than MoinMoin did not properly sanitize its input when processing login requests, resulting in cross-site scripting (XSS) vulnerabilities With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the conte ...

Several remote vulnerabilities have been discovered in MoinMoin, a Python clone of WikiWiki The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-2423 A cross-site-scripting vulnerability has been discovered in attachment handling CVE-2007-2637 Access control lists for calendars and includes wer ...

CWE-264 http://hg.moinmo.in/moin/1.5/rev/4a7de0173734 http://moinmo.in/SecurityFixes http://www.debian.org/security/2008/dsa-1514 http://www.securityfocus.com/bid/28177 http://secunia.com/advisories/29262 http://www.gentoo.org/security/en/glsa/glsa-200803-27.xml http://secunia.com/advisories/29444 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00510.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00538.html http://secunia.com/advisories/30031 http://secunia.com/advisories/33755 https://exchange.xforce.ibmcloud.com/vulnerabilities/41038 https://usn.ubuntu.com/716-1/https://usn.ubuntu.com/716-1/https://nvd.nist.gov

CVE-2008-1099

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect