Description
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in
certain inappropriate circumstances during processing of hierarchical ACLs,
which allows remote attackers to bypass intended access restrictions by
requesting an item, a different vulnerability than CVE-2008-6603.
Notes
mdeslaur | Hierarchical ACLs were introduced in 1.6.0, so dapper and
hardy don't appear to be vulnerable. |
Package
Upstream: | released
(1.7.3, 1.8.3)
|
Patches:
Updated: 2019-12-05 20:54:11 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)