Bug#575995: XSS in Despam action (CVE-2010-0828)

Frank Lin PIAT Wed, 31 Mar 2010 00:20:42 -0700

Package: moin
Version: 1.5.3-1.2etch2
Severity: security

Hello,


There is a XSS in moinmoin "Despam" action (see [1] and
CVE-2010-0828[2]). Note that Despam action is only accessible to
superusers, not by regular users.

Franklin


[1] http://moinmo.in/SecurityFixes
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0828




-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Bug#575995: XSS in Despam action (CVE-2010-0828)

Reply via email to