Information on source package moin

Available versions

ReleaseVersion
stretch1.9.9-1+deb9u1
stretch (security)1.9.9-1+deb9u2
buster1.9.9-1+deb9u1
buster (security)1.9.9-1+deb10u1

Open unimportant issues

BugstretchbusterDescription
CVE-2007-0902vulnerablevulnerableUnspecified vulnerability in the "Show debugging information" feature ...

Resolved issues

BugDescription
TEMP-0533673-74CBB6moin: heirarchical ACL vulnerability
TEMP-0526594-48E4C2moin: XSS in AttachFile.py via attachements
TEMP-0000000-B2D490moin: hierarchical ACLs security issue
TEMP-0000000-8648E9moinmoin XSS
CVE-2020-25074The cache action in action/cache.py in MoinMoin through 1.9.10 allows ...
CVE-2020-15275MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attac ...
CVE-2017-5934Cross-site scripting (XSS) vulnerability in the link dialogue in GUI e ...
CVE-2016-9119Cross-site scripting (XSS) vulnerability in the link dialogue in GUI e ...
CVE-2016-7148MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injectio ...
CVE-2016-7146MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injectio ...
CVE-2014-4037Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerp ...
CVE-2012-6495Multiple directory traversal vulnerabilities in the (1) twikidraw (act ...
CVE-2012-6082Cross-site scripting (XSS) vulnerability in the rsslink function in th ...
CVE-2012-6081Multiple unrestricted file upload vulnerabilities in the (1) twikidraw ...
CVE-2012-6080Directory traversal vulnerability in the _do_attachment_move function ...
CVE-2012-4404security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly h ...
CVE-2011-1058Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) ...
CVE-2010-2970Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x ...
CVE-2010-2969Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ...
CVE-2010-2487Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ...
CVE-2010-1238MoinMoin 1.7.1 allows remote attackers to bypass the textcha protectio ...
CVE-2010-0828Cross-site scripting (XSS) vulnerability in action/Despam.py in the De ...
CVE-2010-0717The default configuration of cfg.packagepages_actions_excluded in Moin ...
CVE-2010-0669MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitiz ...
CVE-2010-0668Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x befor ...
CVE-2010-0667MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of th ...
CVE-2009-4762MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...
CVE-2009-2324Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor befor ...
CVE-2009-2265Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4 ...
CVE-2009-1482Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ...
CVE-2009-0312Cross-site scripting (XSS) vulnerability in the antispam feature (secu ...
CVE-2009-0260Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ...
CVE-2008-6603MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_h ...
CVE-2008-6549The password_checker function in config/multiconfig.py in MoinMoin 1.6 ...
CVE-2008-6548The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check t ...
CVE-2008-3381Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedS ...
CVE-2008-1937The user form processing (userform.py) in MoinMoin before 1.6.3, when ...
CVE-2008-1099_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not p ...
CVE-2008-1098Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 ...
CVE-2008-0782Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows ...
CVE-2008-0781Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ...
CVE-2008-0780Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5 ...
CVE-2007-5567PHP remote file inclusion vulnerability in _lib/fckeditor/upload_confi ...
CVE-2007-5156Incomplete blacklist vulnerability in editor/filemanager/upload/php/up ...
CVE-2007-3163Incomplete blacklist vulnerability in the filemanager in Frederico Cal ...
CVE-2007-2637MoinMoin before 20070507 does not properly enforce ACLs for calendars ...
CVE-2007-2630Incomplete blacklist vulnerability in filemanager/browser/default/conn ...
CVE-2007-2423Cross-site scripting (XSS) vulnerability in index.php in MoinMoin 1.5. ...
CVE-2007-0901Multiple cross-site scripting (XSS) vulnerabilities in Info pages in M ...
CVE-2007-0857Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before ...
CVE-2006-0658Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 a ...
CVE-2004-1463Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, ...
CVE-2004-1462Unknown vulnerability in MoinMoin 1.2.2 and earlier allows remote atta ...
CVE-2004-0708MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges ...

Security announcements

DSA / DLADescription
DLA-2446-1moin - security update
DSA-4787-1moin - security update
DSA-4318-1moin - security update
DLA-1546-1moin - security update
DLA-717-1moin - security update
DSA-3715-1moin - security update
DSA-2593-1moin - several
DSA-2538-1moin - privilege escalation
DSA-2321-1moin - cross-site scripting
DSA-2083-1moin - cross-site scripting
DSA-2024-1moin - cross-site scripting
DSA-2014-1moin - several vulnerabilities
DSA-1791-1moin - cross-site scripting
DSA-1715-1moin - insufficient input sanitising
DSA-1514-1moin

Search for package or bug name: Reporting problems