VDB
KO

PYSEC-2026-671

MoinMoin allows administrative access

Details

MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / moin
Introduced in: 0 Fixed in: 1.2.2
Fix pip install --upgrade 'moin>=1.2.2'

References