Описание
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg function or (2) multiple vectors related to package file errors in the upload_form function, different vectors than CVE-2009-0260.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | already fixed |
| devel | not-affected | 1.8.4-1ubuntu1 |
| hardy | not-affected | already fixed |
| intrepid | released | 1.7.1-1ubuntu1.2 |
| jaunty | released | 1.8.2-2ubuntu2.1 |
| upstream | released | 1.8.4 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg function or (2) multiple vectors related to package file errors in the upload_form function, different vectors than CVE-2009-0260.
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg function or (2) multiple vectors related to package file errors in the upload_form function, different vectors than CVE-2009-0260.
Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ...
MoinMoin Cross-site Scripting (XSS) vulnerability
EPSS
4.3 Medium
CVSS2