CVE-2010-0828Cross-site Scripting in Moinmoin

CWE-79Cross-site Scripting9 documents6 sources
Severity
3.5LOWNVD
EPSS
0.6%
top 31.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Moinmo Moinmoin
Timeline
PublishedApr 5
Latest updateMay 2

Description

Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

NVDmoinmo/moinmoin1.8.7, 1.9.2+1

Patches

Patch: hg.moinmo.inPatch: hg.moinmo.in

🔴Vulnerability Details

3
GHSA
MoinMoin Cross-site Scripting (XSS) vulnerability2022-05-02
OSV
MoinMoin Cross-site Scripting (XSS) vulnerability2022-05-02
OSV
CVE-2010-0828: Cross-site scripting (XSS) vulnerability in action/Despam2010-04-05

📋Vendor Advisories

2
Ubuntu
MoinMoin vulnerabilities2010-04-08
Red Hat
Moin v1.8.7 / v.1.9.2 -- XSS in Despam action2010-03-30

💬Community

3
Bugzilla
CVE-2010-2487 moin: Multiple XSS issues2010-06-07
Bugzilla
CVE-2010-0828 Moin v1.8.7 / v.1.9.2 -- XSS in Despam action [Fedora all]2010-04-01
Bugzilla
CVE-2010-0828 Moin v1.8.7 / v.1.9.2 -- XSS in Despam action2010-04-01
CVE-2010-0828 — Cross-site Scripting in Moinmo Moinmoin | cvebase