CVE-2010-0668 – moin

Package

Manager: pip
Name: moin
Vulnerable Version: >=1.5 <1.8.7 || >=1.9 <1.9.2

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.01524 pctl0.8058

Details

MoinMoin has multiple vulnerabilities related to superuser list, xmlrpc and OpenID configuration Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.

Metadata

Created: 2022-05-02T06:14:39Z
Modified: 2024-09-26T16:21:05Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-574f-mh6m-c6qm/GHSA-574f-mh6m-c6qm.json
CWE IDs: []
Alternative ID: GHSA-574f-mh6m-c6qm
Finding: F332
Auto approve: 1