*** This bug is a security vulnerability ***

Public security bug reported:

When creating wiki pages on MoinMoin with an ACL, the initial version of
the page is sent to anyone registered for notifications - regardless of
whether they are within the ACL or not. This is a serious security hole
- since it means that confidential data which is expected to be covered
by the ACL is sent to users outside the group.

This is tracked by the following MoinMoin bug:
http://moinmo.in/MoinMoinBugs/ConfidentialPagesContentSentToSubscribers

** Affects: moin (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/789068

Title:
  Confidential pages content sent to subscribers

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to