Ubuntu Security Notice USN-774-1 - It was discovered that MoinMoin did not properly sanitize its input when attaching files, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.
68e1b17b40890ae22a139b48636ff8f9584fd479f9d21e0cc211d9f3fd929789
Debian Security Advisory 1791-1 - It was discovered that the AttachFile action in moin, a python clone of WikiWiki, is prone to cross-site scripting attacks when renaming attachments or performing other sub-actions.
3ae5e30c1170b20c9791d19e903cad613381a9ae18a2b48249517bba2d9ca090