AOH :: HP Unsorted M :: VA2371.HTM

MoinMoin Wiki Engine XSS Vulnerability



MoinMoin Wiki Engine XSS Vulnerability
MoinMoin Wiki Engine XSS Vulnerability



MoinMoin Wiki Engine Cross-Site Scripting

Discovered by: SecureState R&D Team (sasquatch)

Website: www.securestate.com 

Discovered: 01-08-09

Vendor Notified: 01-08-09

Vendor Fix Issued: 01-11-09 (http://hg.moinmo.in/moin/1.8/rev/8cb4d34ccbc1) 

Vendor Fix:  Upgrade to version 1.8.1 

Public Posting: 01-19-09

Example:
&action=AttachFile&drawing="> 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.