CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
85.2%
Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before
1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors,
related to configurations that have a non-empty superuser list, the xmlrpc
action enabled, the SyncPages action enabled, or OpenID configured.
Author | Note |
---|---|
jdstrand | upstream plans to backport to 1.7 and 1.8 only. Patches for 8.04 LTS and 6.06 LTS need a lot of work since the 1.7 patches don’t apply. |