cbcvebase.

Moinmo Moinmoin vulnerabilities

26 known vulnerabilities affecting moinmo/moinmoin.

Total CVEs
26
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH3MEDIUM20LOW2

Vulnerabilities

Page 2 of 2
CVE-2010-2969P4MEDIUMCVSS 4.3≤ 1.7.3v0.1+45 more2010-08-05
CVE-2010-2969 [MEDIUM] CVE-2010-2969: Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/LikePages.py, (2) action/chart.py, and (3) action/userprofile.py, a similar issue to CVE-2010-2487.
nvd
CVE-2010-2970P4MEDIUMCVSS 4.3v1.9.0v1.9.1+1 more2010-08-05
CVE-2010-2970 [MEDIUM] CVE-2010-2970: Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote atta Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.py, (2) action/anywikidraw.py, and (3) action/language_setup.py, a similar issue to CVE-2010-2487.
nvd
CVE-2012-6082P4MEDIUMCVSS 4.3v1.9.52013-01-03
CVE-2012-6082 [MEDIUM] CWE-79 CVE-2012-6082: Cross-site scripting (XSS) vulnerability in the rsslink function in theme/__init__.py in MoinMoin 1. Cross-site scripting (XSS) vulnerability in the rsslink function in theme/__init__.py in MoinMoin 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link.
nvd
CVE-2009-1482P4MEDIUMCVSS 4.3v1.6.12009-04-29
CVE-2009-1482 [MEDIUM] CVE-2009-1482: Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and ea Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.8.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) an AttachFile sub-action in the error_msg function or (2) multiple vectors related to package file errors in the upload_form function, different vectors than CVE-2009-0260.
nvd
CVE-2010-0828P4LOWCVSS 3.5v1.8.7v1.9.22010-04-05
CVE-2010-0828 [LOW] CWE-79 CVE-2010-0828: Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.
nvd
CVE-2011-1058P4LOWCVSS 2.6≤ 1.9.2v0.1+53 more2011-02-22
CVE-2011-1058 [LOW] CWE-79 CVE-2011-1058: Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party informat
nvd
Moinmo Moinmoin vulnerabilities | cvebase