CVE-2009-0312
EPSS 0.68%MoinMoin Cross-site scripting (XSS) vulnerability in the antispam feature
Published: 5/2/2022Modified: 6/4/2024
Also known as:GHSA-cx94-3h5x-cc57
Description
Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content.
Affected packages (2)
- Debian/moinfrom 0, < 1.8.1-1.1
- PyPI/moinfrom 0, < 1.8.2
References (15)
- ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2009-0312
- WEBhttp://hg.moinmo.in/moin/1.7/rev/89b91bf87dad
- WEBhttp://hg.moinmo.in/moin/1.8/rev/89b91bf87dad
- WEBhttp://moinmo.in/SecurityFixes#moin1.8.1
- WEBhttp://osvdb.org/51632
- WEBhttp://secunia.com/advisories/33716
- WEBhttp://secunia.com/advisories/33755
- WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/48306
- WEBhttps://usn.ubuntu.com/716-1
- WEBhttps://usn.ubuntu.com/716-1/
- WEBhttps://web.archive.org/web/20090323075215/http://hg.moinmo.in/moin/1.8/raw-file/1.8.2/docs/CHANGES
- WEBhttps://web.archive.org/web/20100825000634/http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad
- WEBhttps://web.archive.org/web/20200228151935/http://hg.moinmo.in/moin/1.8/rev/89b91bf87dad
- WEBhttps://www.debian.org/security/2009/dsa-1715
- WEBhttp://www.openwall.com/lists/oss-security/2009/01/27/4