Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-7148

Опубликовано: 10 нояб. 2016
Источник: debian
EPSS Низкий

Описание

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
moinfixed1.9.9-1package
moinnot-affectedwheezypackage

Примечания

  • Fixed by: http://hg.moinmo.in/moin/1.9/rev/eceb70c41ecc

  • https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html

EPSS

Процентиль: 46%
0.00235
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-7148

CVSS3: 6.1
ubuntu
около 9 лет назад

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.

nvd логотип

CVE-2016-7148

CVSS3: 6.1
nvd
около 9 лет назад

MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.

github логотип

GHSA-3x76-j3jj-439j

CVSS3: 6.1
github
больше 3 лет назад

MoinMoin Cross-site Scripting (XSS) vulnerability

EPSS

Процентиль: 46%
0.00235
Низкий