Red Hat Bugzilla – Bug 457362
CVE-2008-3381 moin: XSS issue in the advanced search form
Last modified: 2016-03-04 07:08:10 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-3381 to the
Multiple cross-site scripting (XSS) vulnerabilities in
macro/AdvancedSearch.py in moin (and MoinMoin) 1.6.3 and 1.7.0 allow
remote attackers to inject arbitrary web script or HTML via
Upstream patches (1.6 and 1.7 branches):
There's no MoinMoin/macro/AdvancedSearch.py in moin 1.5.9 in F-8, so it's
moin-1.6.4-1.fc10 has been submitted as an update for Fedora 10.
moin-1.6.4-1.fc9 has been submitted as an update for Fedora 9.
moin-1.6.4-1.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
moin-1.6.4-1.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
I'm closing this bug because the fix has been pushed and the update had security team approval. Please reopen if something related to this vulnerability is not fixed.