Information on source package moin

Available versions

ReleaseVersion
jessie1.9.8-1+deb8u1
jessie (security)1.9.8-1+deb8u2
stretch1.9.9-1
stretch (security)1.9.9-1+deb9u1
buster1.9.9-1
sid1.9.9-1

Open issues

BugjessiestretchbustersidDescription
CVE-2017-5934fixedfixedvulnerablevulnerableCross-site scripting (XSS) vulnerability in the link dialogue in GUI ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2007-0902vulnerablevulnerablevulnerablevulnerableUnspecified vulnerability in the "Show debugging information" feature ...

Resolved issues

BugDescription
TEMP-0533673-74CBB6moin: heirarchical ACL vulnerability
TEMP-0526594-48E4C2moin: XSS in AttachFile.py via attachements
TEMP-0000000-B2D490moin: hierarchical ACLs security issue
TEMP-0000000-8648E9moinmoin XSS
CVE-2016-9119Cross-site scripting (XSS) vulnerability in the link dialogue in GUI ...
CVE-2016-7148MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript ...
CVE-2016-7146MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript ...
CVE-2014-4037Cross-site scripting (XSS) vulnerability in ...
CVE-2012-6495Multiple directory traversal vulnerabilities in the (1) twikidraw ...
CVE-2012-6082Cross-site scripting (XSS) vulnerability in the rsslink function in ...
CVE-2012-6081Multiple unrestricted file upload vulnerabilities in the (1) twikidraw ...
CVE-2012-6080Directory traversal vulnerability in the _do_attachment_move function ...
CVE-2012-4404security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly ...
CVE-2011-1058Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) ...
CVE-2010-2970Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x ...
CVE-2010-2969Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ...
CVE-2010-2487Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ...
CVE-2010-1238MoinMoin 1.7.1 allows remote attackers to bypass the textcha ...
CVE-2010-0828Cross-site scripting (XSS) vulnerability in action/Despam.py in the ...
CVE-2010-0717The default configuration of cfg.packagepages_actions_excluded in ...
CVE-2010-0669MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly ...
CVE-2010-0668Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x ...
CVE-2010-0667MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of ...
CVE-2009-4762MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ...
CVE-2009-2324Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor ...
CVE-2009-2265Multiple directory traversal vulnerabilities in FCKeditor before ...
CVE-2009-1482Multiple cross-site scripting (XSS) vulnerabilities in ...
CVE-2009-0312Cross-site scripting (XSS) vulnerability in the antispam feature ...
CVE-2009-0260Multiple cross-site scripting (XSS) vulnerabilities in ...
CVE-2008-6603MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when ...
CVE-2008-6549The password_checker function in config/multiconfig.py in MoinMoin ...
CVE-2008-6548The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check ...
CVE-2008-3381Multiple cross-site scripting (XSS) vulnerabilities in ...
CVE-2008-1937The user form processing (userform.py) in MoinMoin before 1.6.3, when ...
CVE-2008-1099_macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not ...
CVE-2008-1098Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 ...
CVE-2008-0782Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows ...
CVE-2008-0781Multiple cross-site scripting (XSS) vulnerabilities in ...
CVE-2008-0780Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through ...
CVE-2007-5567PHP remote file inclusion vulnerability in ...
CVE-2007-5156Incomplete blacklist vulnerability in ...
CVE-2007-3163Incomplete blacklist vulnerability in the filemanager in Frederico ...
CVE-2007-2637MoinMoin before 20070507 does not properly enforce ACLs for calendars ...
CVE-2007-2630Incomplete blacklist vulnerability in ...
CVE-2007-2423Cross-site scripting (XSS) vulnerability in index.php in MoinMoin ...
CVE-2007-0901Multiple cross-site scripting (XSS) vulnerabilities in Info pages in ...
CVE-2007-0857Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before ...
CVE-2006-0658Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 ...
CVE-2004-1463Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, ...
CVE-2004-1462Unknown vulnerability in MoinMoin 1.2.2 and earlier allows remote ...
CVE-2004-0708MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges ...

Security announcements

DSA / DLADescription
DSA-4318-1moin - security update
DLA-1546-1moin - security update
DLA-717-1moin - security update
DSA-3715-1moin - security update
DSA-2593-1moin - several
DSA-2538-1moin - privilege escalation
DSA-2321-1moin - cross-site scripting
DSA-2321-1moin - cross-site scripting
DSA-2083-1moin - cross-site scripting
DSA-2024-1moin - cross-site scripting
DSA-2014-1moin - several vulnerabilities
DSA-1791-1moin - cross-site scripting
DSA-1715-1moin - insufficient input sanitising
DSA-1514-1moin

Search for package or bug name: Reporting problems