CVE-2007-2637 – moin

Package

Manager: pip
Name: moin
Vulnerable Version: >=0 <1.5.8

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00551 pctl0.67012

Details

MoinMoin Improper ACL handling for calendars and includes MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors.

Metadata

Created: 2022-05-01T18:05:39Z
Modified: 2024-05-14T20:41:20Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-cmg7-xr2j-4r9v/GHSA-cmg7-xr2j-4r9v.json
CWE IDs: []
Alternative ID: GHSA-cmg7-xr2j-4r9v
Finding: F039
Auto approve: 1