Launchpad.net

CVE 2008-0780

Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5.8 and 1.6.x before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the login action.

Related bugs and status

CVE-2008-0780 (Candidate) is related to these bugs:

Bug #200897: [moin] [DSA-1514-1] multiple vulnerabilities

		In	Importance	Status
200897	[moin] [DSA-1514-1] multiple vulnerabilities	moin (Ubuntu)	Undecided	Invalid
200897	[moin] [DSA-1514-1] multiple vulnerabilities	moin (Ubuntu Intrepid)	Undecided	Invalid
200897	[moin] [DSA-1514-1] multiple vulnerabilities	moin (Ubuntu Jaunty)	Undecided	Invalid
200897	[moin] [DSA-1514-1] multiple vulnerabilities	moin (Ubuntu Dapper)	Undecided	Fix Released
200897	[moin] [DSA-1514-1] multiple vulnerabilities	moin (Ubuntu Gutsy)	Undecided	Fix Released
200897	[moin] [DSA-1514-1] multiple vulnerabilities	moin (Ubuntu Hardy)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://hg.moinmo.in/mo...
CONFIRM: http://hg.moinmo.in/mo...
CONFIRM: https://bugzilla.redha...
FEDORA: FEDORA-2008-1880
FEDORA: FEDORA-2008-1905
BID: 27904
SECUNIA: 29010
SECUNIA: 28987
DEBIAN: DSA-1514
SECUNIA: 29262
GENTOO: GLSA-200803-27
SECUNIA: 29444
SECUNIA: 33755
VUPEN: ADV-2008-0569
UBUNTU: USN-716-1