VDB
KO

PYSEC-2009-13

Details

MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937.

Are you affected?

Enter the version of the package you're using.

Affected packages

PyPI / moin
Introduced in: 0 Fixed in: 1.6.3
Fix pip install --upgrade 'moin>=1.6.3'

References