—
PYSEC-2026-671
MoinMoin allows administrative access
Details
MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://nvd.nist.gov/vuln/detail/CVE-2004-0708 [ADVISORY]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16465 [WEB]
- http://secunia.com/advisories/11807 [WEB]
- http://sourceforge.net/tracker/index.php?func=detail&aid=948103&group_id=8482&atid=108482 [WEB]
- http://www.gentoo.org/security/en/glsa/glsa-200407-09.xml [WEB]
- http://www.osvdb.org/6704 [WEB]
- http://www.securityfocus.com/bid/10568 [WEB]
- https://pypi.org/project/moin [PACKAGE]
- https://github.com/advisories/GHSA-7jrp-r6jx-32cw [ADVISORY]