XSS in Moinmo Moinmoin
CVE-2010-2970
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.py, (2) action/anywikidraw.py, and (3) ac…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.006 (69.8th percentile) — read the EPSS interpretation.
Affected products
- Moinmo Moinmoin — versions 1.9.2, 1.9.1, 1.9.0
- N/a — versions n/a
Weakness classification (CWE)
References
- ADV-2010-1981 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- 40549 (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_CONFIRM)
- DSA-2083 (vendor-advisory, x_refsource_DEBIAN)
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (x_refsource_CONFIRM)
- [oss-security] 20100701 CVE request: moin multiple XSS (mailing-list, x_refsource_MLIST)
- [oss-security] 20100702 Re: CVE request: moin multiple XSS (mailing-list, x_refsource_MLIST)