CVE-2017-5934
Published: 31 December 2017
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Priority
CVSS 3 base score: 6.1
Status
| Package | Release | Status |
|---|---|---|
|
moin Launchpad, Ubuntu, Debian |
bionic |
Released
(1.9.9-1ubuntu1.1)
|
| cosmic |
Released
(1.9.9-1ubuntu1.18.10.1)
|
|
| disco |
Not vulnerable
(1.9.9-1+deb9u1)
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
(trusty was released [1.9.7-1ubuntu2.2])
|
|
| upstream |
Released
(1.9.10)
|
|
| xenial |
Released
(1.9.8-1ubuntu1.16.04.2)
|