The user form processing (userform.py) in MoinMoin prior to 1.6.3, when using ACLs or a non-empty superusers list, does not properly manage users, which allows remote malicious users to gain privileges.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moinmoin moinmoin 1.6.0 |
||
moinmoin moinmoin 1.6.1 |
||
moinmoin moinmoin 1.6.2 |