CVE-2010-0717 — Moinmoin vulnerability

CWE-168 documents6 sources

Severity

7.5HIGHNVD

EPSS

0.6%

top 30.64%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Moinmo Moinmoin

Timeline

PublishedFeb 26

Latest updateMay 2

Description

The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmoinmo/moinmoin1.8.6+24

🔴Vulnerability Details

OSV

MoinMoin has improper default configuration↗2022-05-02

▶

GHSA

MoinMoin has improper default configuration↗2022-05-02

▶

OSV

CVE-2010-0717: The default configuration of cfg↗2010-02-26

▶

📋Vendor Advisories

Ubuntu

MoinMoin vulnerabilities↗2010-03-11

▶

Red Hat

Moin: Security fixes in v1.8.7, v1.9.2↗2010-02-01

▶

💬Community

Bugzilla

CVE-2010-2487 moin: Multiple XSS issues↗2010-06-07

▶

Bugzilla

CVE-2010-0668 CVE-2010-0669 CVE-2010-0717 Moin: Security fixes in v1.8.7, v1.9.2↗2010-02-15

▶