CVE-2016-9119Cross-site Scripting in Moinmoin

CWE-79Cross-site Scripting8 documents5 sources
Severity
6.1MEDIUMNVD
EPSS
0.8%
top 25.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Moinmo MoinmoinCanonical Ubuntu LinuxDebian Linux
Timeline
PublishedJan 30
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages1 packages

NVDmoinmo/moinmoin1.9.7

Also affects: Debian Linux 8.0, Ubuntu Linux 12.04, 14.04, 16.04, 16.10

🔴Vulnerability Details

3
GHSA
MoinMoin Cross-site Scripting (XSS) vulnerability2022-05-17
OSV
MoinMoin Cross-site Scripting (XSS) vulnerability2022-05-17
OSV
CVE-2016-9119: Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 12017-01-30

📋Vendor Advisories

1
Ubuntu
MoinMoin vulnerabilities2016-11-23

💬Community

3
Bugzilla
CVE-2016-9119 moin: XSS in GUI editor's link dialogue [epel-all]2016-11-15
Bugzilla
CVE-2016-9119 moin: XSS in GUI editor's link dialogue2016-11-15
Bugzilla
CVE-2016-9119 moin: XSS in GUI editor's link dialogue [fedora-all]2016-11-15
CVE-2016-9119 — Cross-site Scripting in Moinmo Moinmoin | cvebase