Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS05eGg0LXdweDgtcmcyd81L8Q
MoinMoin Improper Privilege Management
MoinMoin 1.2.2 and earlier could allow a remote attacker to gain elevated privileges, caused by an undisclosed Access Control List (ACL) vulnerability in the PageEditor.
Permalink: https://github.com/advisories/GHSA-9xh4-wpx8-rg2wJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS05eGg0LXdweDgtcmcyd81L8Q
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: over 2 years ago
Updated: 6 months ago
Identifiers: GHSA-9xh4-wpx8-rg2w, CVE-2004-1463
References:
- https://nvd.nist.gov/vuln/detail/CVE-2004-1463
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16832
- http://sourceforge.net/project/shownotes.php?group_id=8482&release_id=254801
- http://www.gentoo.org/security/en/glsa/glsa-200408-25.xml
- http://www.osvdb.org/displayvuln.php?osvdb_id=8195
- http://www.securityfocus.com/bid/10801
- https://github.com/advisories/GHSA-9xh4-wpx8-rg2w
Blast Radius: 0.0
Affected Packages
pypi:Moin
Dependent packages: 0Dependent repositories: 46
Downloads: 605 last month
Affected Version Ranges: <= 1.2.2
Fixed in: 1.2.3
All affected versions:
All unaffected versions: 1.8.4, 1.8.5, 1.8.6, 1.8.7, 1.9.0, 1.9.1, 1.9.2, 1.9.3, 1.9.4, 1.9.5, 1.9.6, 1.9.7, 1.9.8, 1.9.9, 1.9.10, 1.9.11