CVE-2016-7148 β Cross-site Scripting in Moinmoin
Severity
6.1MEDIUMNVD
EPSS
0.2%
top 53.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 10
Latest updateMay 17
Description
MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7
Affected Packages1 packages
π΄Vulnerability Details
3πVendor Advisories
1π¬Community
3Bugzilla
βΆ
Bugzilla
βΆ