| Bug | Description |
|---|
| TEMP-0533673-74CBB6 | moin: heirarchical ACL vulnerability |
| TEMP-0526594-48E4C2 | moin: XSS in AttachFile.py via attachements |
| TEMP-0000000-B2D490 | moin: hierarchical ACLs security issue |
| TEMP-0000000-8648E9 | moinmoin XSS |
| CVE-2017-5934 | Cross-site scripting (XSS) vulnerability in the link dialogue in GUI e ... |
| CVE-2016-9119 | Cross-site scripting (XSS) vulnerability in the link dialogue in GUI e ... |
| CVE-2016-7148 | MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injectio ... |
| CVE-2016-7146 | MoinMoin 1.9.8 allows remote attackers to conduct "JavaScript injectio ... |
| CVE-2014-4037 | Cross-site scripting (XSS) vulnerability in editor/dialog/fck_spellerp ... |
| CVE-2012-6495 | Multiple directory traversal vulnerabilities in the (1) twikidraw (act ... |
| CVE-2012-6082 | Cross-site scripting (XSS) vulnerability in the rsslink function in th ... |
| CVE-2012-6081 | Multiple unrestricted file upload vulnerabilities in the (1) twikidraw ... |
| CVE-2012-6080 | Directory traversal vulnerability in the _do_attachment_move function ... |
| CVE-2012-4404 | security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly h ... |
| CVE-2011-1058 | Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) ... |
| CVE-2010-2970 | Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x ... |
| CVE-2010-2969 | Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ... |
| CVE-2010-2487 | Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 ... |
| CVE-2010-1238 | MoinMoin 1.7.1 allows remote attackers to bypass the textcha protectio ... |
| CVE-2010-0828 | Cross-site scripting (XSS) vulnerability in action/Despam.py in the De ... |
| CVE-2010-0717 | The default configuration of cfg.packagepages_actions_excluded in Moin ... |
| CVE-2010-0669 | MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitiz ... |
| CVE-2010-0668 | Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x befor ... |
| CVE-2010-0667 | MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of th ... |
| CVE-2009-4762 | MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs ... |
| CVE-2009-2324 | Multiple cross-site scripting (XSS) vulnerabilities in FCKeditor befor ... |
| CVE-2009-2265 | Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4 ... |
| CVE-2009-1482 | Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ... |
| CVE-2009-0312 | Cross-site scripting (XSS) vulnerability in the antispam feature (secu ... |
| CVE-2009-0260 | Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ... |
| CVE-2008-6603 | MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_h ... |
| CVE-2008-6549 | The password_checker function in config/multiconfig.py in MoinMoin 1.6 ... |
| CVE-2008-6548 | The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check t ... |
| CVE-2008-3381 | Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedS ... |
| CVE-2008-1937 | The user form processing (userform.py) in MoinMoin before 1.6.3, when ... |
| CVE-2008-1099 | _macro_Getval in wikimacro.py in MoinMoin 1.5.8 and earlier does not p ... |
| CVE-2008-1098 | Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.5.8 ... |
| CVE-2008-0782 | Directory traversal vulnerability in MoinMoin 1.5.8 and earlier allows ... |
| CVE-2008-0781 | Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFi ... |
| CVE-2008-0780 | Cross-site scripting (XSS) vulnerability in MoinMoin 1.5.x through 1.5 ... |
| CVE-2007-5567 | PHP remote file inclusion vulnerability in _lib/fckeditor/upload_confi ... |
| CVE-2007-5156 | Incomplete blacklist vulnerability in editor/filemanager/upload/php/up ... |
| CVE-2007-3163 | Incomplete blacklist vulnerability in the filemanager in Frederico Cal ... |
| CVE-2007-2637 | MoinMoin before 20070507 does not properly enforce ACLs for calendars ... |
| CVE-2007-2630 | Incomplete blacklist vulnerability in filemanager/browser/default/conn ... |
| CVE-2007-2423 | Cross-site scripting (XSS) vulnerability in index.php in MoinMoin 1.5. ... |
| CVE-2007-0901 | Multiple cross-site scripting (XSS) vulnerabilities in Info pages in M ... |
| CVE-2007-0857 | Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before ... |
| CVE-2006-0658 | Incomplete blacklist vulnerability in connector.php in FCKeditor 2.0 a ... |
| CVE-2004-1463 | Unknown vulnerability in the PageEditor in MoinMoin 1.2.2 and earlier, ... |
| CVE-2004-1462 | Unknown vulnerability in MoinMoin 1.2.2 and earlier allows remote atta ... |
| CVE-2004-0708 | MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges ... |