CVE-2010-2487

Related Files

Gentoo Linux Security Advisory 201210-02

Posted Oct 18, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201210-2 - Multiple vulnerabilities have been found in MoinMoin, the worst of which allowing for injection of arbitrary web script or HTML. Versions less than 1.9.4 are affected.

tags | advisory, web, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2010-0668, CVE-2010-0669, CVE-2010-0717, CVE-2010-0828, CVE-2010-1238, CVE-2010-2487, CVE-2010-2969, CVE-2010-2970, CVE-2011-1058

SHA-256 | 4d9ba6abefcc507c2eba4d1f87ee9899d2416f5a1e5e306c72af993453e5bf78

Download | Favorite | View

Ubuntu Security Notice 977-1

Posted Aug 26, 2010

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 977-1 - It was discovered that MoinMoin did not properly sanitize its input, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, vulnerability, xss

systems | linux, ubuntu

advisories | CVE-2010-2487, CVE-2010-2969, CVE-2010-2970

SHA-256 | f538172b30fc98a58580052fdd4fd67f69c60186f5886f382b323b4806770858

Download | Favorite | View

Debian Linux Security Advisory 2083-1

Posted Aug 3, 2010

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2083-1 - It was discovered that moin, a python clone of WikiWiki, does not sufficiently sanitize parameters when passing them to the add_msg function. This allows a remote attackers to conduct cross-site scripting (XSS) attacks for example via the template parameter.

tags | advisory, remote, xss, python

systems | linux, debian

advisories | CVE-2010-2487

SHA-256 | 395457bc601af50ef38ae224c858e76317ecb2a7e7548e8412a6fb7969093f8c

Download | Favorite | View