Опубликовано: 04 янв. 2019
Источник: github
Github: Прошло ревью
CVSS4: 5.1
CVSS3: 6.1
Описание
Moderate severity vulnerability that affects moin
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2017-5934
- https://github.com/moinwiki/moin-1.9/commit/70955a8eae091cc88fd9a6e510177e70289ec024
- https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2018-47.yaml
- https://lists.debian.org/debian-lts-announce/2018/10/msg00007.html
- https://usn.ubuntu.com/3794-1
- https://www.debian.org/security/2018/dsa-4318
- http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00024.html
- http://moinmo.in/SecurityFixes
Пакеты
Наименование
moin
pip
Затронутые версииВерсия исправления
< 1.9.10
1.9.10
Связанные уязвимости
CVSS3: 6.1
ubuntu
больше 7 лет назад
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS3: 6.1
nvd
больше 7 лет назад
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS3: 6.1
debian
больше 7 лет назад
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI e ...
