CVE-2010-1238

Related Files

Gentoo Linux Security Advisory 201210-02

Posted Oct 18, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201210-2 - Multiple vulnerabilities have been found in MoinMoin, the worst of which allowing for injection of arbitrary web script or HTML. Versions less than 1.9.4 are affected.

tags | advisory, web, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2010-0668, CVE-2010-0669, CVE-2010-0717, CVE-2010-0828, CVE-2010-1238, CVE-2010-2487, CVE-2010-2969, CVE-2010-2970, CVE-2011-1058

SHA-256 | 4d9ba6abefcc507c2eba4d1f87ee9899d2416f5a1e5e306c72af993453e5bf78

Download | Favorite | View

Ubuntu Security Notice 925-1

Posted Apr 9, 2010

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 925-1 - It was discovered that MoinMoin did not properly sanitize its input when processing Despam actions, resulting in cross-site scripting (XSS) vulnerabilities. If a privileged wiki user were tricked into performing the Despam action on a page with a crafted title, a remote attacker could exploit this to execute JavaScript code. It was discovered that the TextCha protection in MoinMoin could be bypassed by submitting a crafted form request. This issue only affected Ubuntu 8.10.

tags | advisory, remote, javascript, vulnerability, xss

systems | linux, ubuntu

advisories | CVE-2010-0828, CVE-2010-1238

SHA-256 | 82c35b721a3b693f76ae72c67ffad7a459b00ebe8aba7b8dda1b0607d89daf8f

Download | Favorite | View