FreeBSD Ports: Moinmoin Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg http://www.vuxml.org/freebsd/4c017345-1d89-11e0-bbee-0014a5e3cda6.html

Insight

The following package is affected: moinmoin CVE-2010-0828 Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.

Severity

Classification

CVE CVE-2010-0828

CVSS	Base Score: 3.5 AV:N/AC:M/Au:S/C:N/I:P/A:N

Related Vulnerabilities

FreeBSD Ports: bind98
FreeBSD Ports: otrs
FreeBSD Ports: tinyproxy
FreeBSD Ports: ldapscripts
FreeBSD Ports: mod_perl

FreeBSD Ports: moinmoin

Take action and discover your vulnerabilities