CVE-2008-0781 in Ubuntu

CVE-2008-0781

Priority

Low

Description

Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py
in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary
web script or HTML via (1) message, (2) pagename, and (3) target filenames.

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0781
http://www.ubuntu.com/usn/usn-716-1

Bugs

https://bugs.launchpad.net/bugs/200897

Assigned-to

jdstrand

Package

Source: moin (LP Ubuntu Debian)

Upstream:	needed
Ubuntu 8.04 LTS (Hardy Heron):	released (1.5.8-5.1ubuntu2.2)

Patches:

Vendor:	http://www.debian.org/security/2008/dsa-1514
Patch:	http://hg.moinmo.in/moin/1.5/rev/db212dfc58ef

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2012-06-01 15:18:35 UTC (commit 5347)