A cross-site scripting vulnerability was found in moin in GUI editor's link dialogue.
Created moin tracking bugs for this issue:
Affects: fedora-all [bug 1395200]
Affects: epel-all [bug 1395201]
This was fixed in 1.9.9, I checked MoinMoin/action/fckdialog.py , it has the escaped variables.
1.9.9 is currently in (fedora|epel)-testing.
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.