XSS in Moinmo Moinmoin

CVE-2011-1058

Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.006 (70.2th percentile) — read the EPSS interpretation.

Affected products

Moinmo Moinmoin — versions 0.1, 0.2, 0.3
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

References

46476 (vdb-entry, x_refsource_BID)
USN-1604-1 (x_refsource_UBUNTU, vendor-advisory)
FEDORA-2011-2156 (x_refsource_FEDORA, vendor-advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch, Vendor Advisory)
DSA-2321 (vendor-advisory, x_refsource_DEBIAN)
ADV-2011-0588 (vdb-entry, x_refsource_VUPEN)
FEDORA-2011-2157 (x_refsource_FEDORA, vendor-advisory)
43665 (x_refsource_SECUNIA, third-party-advisory)
50885 (x_refsource_SECUNIA, third-party-advisory)
ADV-2011-0455 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)