—
PYSEC-2026-678
MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
Details
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before 1.5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the page info, or the page name in a (2) AttachFile, (3) RenamePage, or (4) LocalSiteMap action.
Are you affected?
Enter the version of the package you're using.
Affected packages
References
- https://nvd.nist.gov/vuln/detail/CVE-2007-0857 [ADVISORY]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32377 [WEB]
- http://moinmoin.wikiwikiweb.de/MoinMoinRelease1.5/CHANGES [WEB]
- http://osvdb.org/31871 [WEB]
- http://osvdb.org/31872 [WEB]
- http://osvdb.org/31873 [WEB]
- http://secunia.com/advisories/24096 [WEB]
- http://secunia.com/advisories/24117 [WEB]
- http://www.osvdb.org/31874 [WEB]
- http://www.securityfocus.com/bid/22506 [WEB]
- http://www.ubuntu.com/usn/usn-421-1 [WEB]
- http://www.vupen.com/english/advisories/2007/0553 [WEB]
- https://pypi.org/project/moin [PACKAGE]
- https://github.com/advisories/GHSA-m84w-vgwf-p893 [ADVISORY]