Showing 1 - 3 of 3

CVE-2011-1058

Status Candidate

Overview

Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party information.

Related Files

Gentoo Linux Security Advisory 201210-02: Posted Oct 18, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201210-2 - Multiple vulnerabilities have been found in MoinMoin, the worst of which allowing for injection of arbitrary web script or HTML. Versions less than 1.9.4 are affected.; tags | advisory, web, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2010-0668, CVE-2010-0669, CVE-2010-0717, CVE-2010-0828, CVE-2010-1238, CVE-2010-2487, CVE-2010-2969, CVE-2010-2970, CVE-2011-1058; SHA-256 | 4d9ba6abefcc507c2eba4d1f87ee9899d2416f5a1e5e306c72af993453e5bf78; Download | Favorite | View

Ubuntu Security Notice USN-1604-1: Posted Oct 11, 2012; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1604-1 - It was discovered that MoinMoin did not properly sanitize certain input, resulting in a cross-site scripting (XSS) vulnerability. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain. It was discovered that MoinMoin incorrectly handled group names that contain virtual group names such as "All", "Known" or "Trusted". This could result in a remote user having incorrect permissions. Various other issues were also addressed.; tags | advisory, remote, vulnerability, xss; systems | linux, ubuntu; advisories | CVE-2011-1058, CVE-2012-4404, CVE-2011-1058, CVE-2012-4404; SHA-256 | 1ce16fbb6c9076312138ad64f4db209f2248fb9791187ad08e0fd105cc3c207a; Download | Favorite | View

Debian Security Advisory 2321-1: Posted Oct 10, 2011; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2321-1 - A cross-site scriping vulnerability was discovered in the rst parser of Moin, a Python clone of WikiWiki.; tags | advisory, python; systems | linux, debian; advisories | CVE-2011-1058; SHA-256 | 8c0f1a089dabbb44312a9f61dfd8a3a6c5421bd634428c589dcce8b37b4b49b9; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 237 files
indoushka 172 files
Jay Turla 150 files
Ubuntu 78 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,114)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,124)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (389)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,237)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,845)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,852)
UNIX (9,456)
UnixWare (188)
Windows (6,772)
Other

CVE-2011-1058

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems