Proof of concept information that demonstrates how Moinmoin versions prior to 1.9.3 suffer from a cross site scripting vulnerability.
5ff8dc4d53fbbfeb7a7303704850d58baa20fc56ac9148136f6824b553a93bd9
Hi, I reported the xss in moinmoin which is made possible via the RST
parser / mark-up.
Here is a demonstration / proof of concept of abusing the refuri via a
javascript link.
{{{#!rst
"`NotMe <javascript:alert(1)>`_" , "MORELOL"
}}}
Information about CVE-2011-1058 can also be found at
http://secunia.com/advisories/cve_reference/CVE-2011-1058/