VDB
KO

PYSEC-2026-675

MoinMoin Improper ACL handling for calendars and includes

Details

MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / moin
Introduced in: 0 Fixed in: 1.5.8
Fix pip install --upgrade 'moin>=1.5.8'

References