moinmo MoinMoin 1.9.9

CPE Details

moinmo MoinMoin 1.9.9
moinmo
moinmoin
1.9.9
2019-06-04
14h03 +00:00
2019-06-04
14h03 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:moinmo:moinmoin:1.9.9:*:*:*:*:*:*:*

Informations

Vendor

moinmo

Product

moinmoin

Version

1.9.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-15275 2020-11-11 14h45 +00:00 MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are strongly advised to upgrade to a patched version. MoinMoin Wiki 1.9.11 has the necessary fixes and also contains other important fixes.
8.7
High
CVE-2020-25074 2020-11-10 15h48 +00:00 The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.
9.8
Critical
CVE-2017-5934 2018-10-15 17h00 +00:00 Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
6.1
Medium