|
|
Log in / Subscribe / Register

moin: cross-site scripting

Package(s):moin CVE #(s):CVE-2016-7146 CVE-2016-7148 CVE-2016-9119
Created:September 19, 2016 Updated:December 2, 2016
Description: From the Red Hat bugzilla:

MoinMoin 1.9.8 is out, released 2014-10-17.

See https://moinmo.in/MoinMoinDownload

Strongly recommended for all users and contains bug fixes and enhanced password functionality.

From the Debian advisory:

Several cross-site scripting vulnerabilities were discovered in moin, a Python clone of WikiWiki. A remote attacker can conduct cross-site scripting attacks via the GUI editor's attachment dialogue (CVE-2016-7146), the AttachFile view (CVE-2016-7148) and the GUI editor's link dialogue (CVE-2016-9119).

Alerts:
Debian DSA-3715-1 moin 2016-11-15
Fedora FEDORA-2016-b3f93ead5b moin 2016-09-18
Fedora FEDORA-2016-a77985b7c7 moin 2016-12-01
Fedora FEDORA-2016-d40c768095 moin 2016-12-01
Fedora FEDORA-2016-cde4525fab moin 2016-12-01
Ubuntu USN-3137-1 moin 2016-11-23
Debian-LTS DLA-717-1 moin 2016-11-22
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds