GHSA-m9j7-xcj7-42j9

Опубликовано: 17 мая 2022

Источник: github

Github: Прошло ревью

CVSS4: 5.1

CVSS3: 6.1

Описание

MoinMoin Cross-site Scripting (XSS) vulnerability

Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party information.

Ссылки

Пакеты

Наименование

moin

pip

Затронутые версииВерсия исправления

< 1.9.3

1.9.3

EPSS

Процентиль: 69%

0.0061

Низкий

5.1 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

CVE-2011-1058

Дефекты

CWE-79

Связанные уязвимости

CVE-2011-1058

ubuntu

почти 15 лет назад

Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party information.

CVE-2011-1058

nvd

почти 15 лет назад

CVE-2011-1058

debian

почти 15 лет назад

Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) ...

EPSS

Процентиль: 69%

0.0061

Низкий

5.1 Medium

CVSS4

6.1 Medium

CVSS3

CVE ID

CVE-2011-1058

Дефекты

CWE-79