Описание
Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party information.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 1.9.3-1ubuntu3 |
| hardy | ignored | end of life |
| karmic | ignored | end of life |
| lucid | released | 1.9.2-2ubuntu3.2 |
| maverick | ignored | end of life |
| natty | released | 1.9.3-1ubuntu1.11.04.1 |
| oneiric | released | 1.9.3-1ubuntu1.11.10.1 |
| precise | released | 1.9.3-1ubuntu2.1 |
| upstream | released | 1.9.3-3 |
Показывать по
EPSS
2.6 Low
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party information.
Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) ...
MoinMoin Cross-site Scripting (XSS) vulnerability
EPSS
2.6 Low
CVSS2