CVE-2017-5934

NameCVE-2017-5934
DescriptionCross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-1546-1, DSA-4318-1
Debian Bugs910776

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
moinsourcejessie1.9.8-1+deb8u2DLA-1546-1
moinsourcestretch1.9.9-1+deb9u1DSA-4318-1
moinsource(unstable)1.9.9-1+deb9u1910776

Notes

https://github.com/moinwiki/moin-1.9/commit/70955a8eae091cc88fd9a6e510177e70289ec024

Search for package or bug name: Reporting problems