Vulnerabilities > Moinmo

DATE CVE VULNERABILITY TITLE RISK
2020-11-11 CVE-2020-15275 Cross-site Scripting vulnerability in Moinmo Moinmoin
MoinMoin is a wiki engine.
network
low complexity
moinmo CWE-79
5.4
2020-11-10 CVE-2020-25074 Path Traversal vulnerability in multiple products
The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request.
network
low complexity
moinmo debian CWE-22
critical
9.8
2018-10-15 CVE-2017-5934 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
moinmo debian canonical opensuse CWE-79
6.1
2017-01-30 CVE-2016-9119 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
moinmo canonical debian CWE-79
6.1
2016-11-10 CVE-2016-7148 Cross-site Scripting vulnerability in Moinmo Moinmoin 1.9.8
MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=AttachFile (via page name) component.
network
low complexity
moinmo CWE-79
6.1
2016-11-10 CVE-2016-7146 Cross-site Scripting vulnerability in Moinmo Moinmoin 1.9.8
MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injection" attacks by using the "page creation or crafted URL" approach, related to a "Cross Site Scripting (XSS)" issue affecting the action=fckdialog&dialog=attachment (via page name) component.
network
low complexity
moinmo CWE-79
6.1