Lucene search

K

RedhatCVELIST:CVE-2010-2487

HistoryAug 04, 2010 - 9:00 p.m.

CVE-2010-2487

2010-08-0421:00:00

redhat

www.cve.org

6

AI Score

5.5

Confidence

High

EPSS

0.008

Percentile

81.2%

Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) Page.py, (2) PageEditor.py, (3) PageGraphicalEditor.py, (4) action/CopyPage.py, (5) action/Load.py, (6) action/RenamePage.py, (7) action/backup.py, (8) action/login.py, (9) action/newaccount.py, and (10) action/recoverpass.py.

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809

hg.moinmo.in/moin/1.7/rev/37306fba2189

hg.moinmo.in/moin/1.8/raw-file/1.8.8/docs/CHANGES

hg.moinmo.in/moin/1.8/rev/4238b0c90871

hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES

hg.moinmo.in/moin/1.9/rev/68ba3cc79513

hg.moinmo.in/moin/1.9/rev/e50b087c4572

marc.info/?l=oss-security&m=127799369406968&w=2

marc.info/?l=oss-security&m=127809682420259&w=2

moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg

moinmo.in/MoinMoinRelease1.8

moinmo.in/MoinMoinRelease1.9

moinmo.in/SecurityFixes

secunia.com/advisories/40836

www.debian.org/security/2010/dsa-2083

www.securityfocus.com/bid/40549

www.vupen.com/english/advisories/2010/1981

AI Score

5.5

Confidence

High

EPSS

0.008

Percentile

81.2%

Related for CVELIST:CVE-2010-2487

cve3 ubuntucve3 osv6 openvas8 prion3 github3 securityvulns3 nvd3 nessus4 debian1 debiancve3 cvelist2 ubuntu1 gentoo1