CVSS: 4.3EPSS: 1%CPEs: 2EXPL: 3CVE-2008-3381
https://notcve.org/view.php?id=CVE-2008-3381
Multiple cross-site scripting (XSS) vulnerabilities in macro/AdvancedSearch.py in moin (and MoinMoin) 1.6.3 and 1.7.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados en macro/AdvancedSearch.py en moin (y MoinMoin)1.6.3 y 1.7.0, permite a atacantes remotos inyectar secuencias de comandos web y HTML de su elección a través vectores no especificados. • http://hg.moinmo.in/moin/1.6/rev/8686a10f1f58 http://hg.moinmo.in/moin/1.7/rev/383196922b03 http://moinmo.in/SecurityFixes http://secunia.com/advisories/31135 http://www.securityfocus.com/bid/30297 http://www.vupen.com/english/advisories/2008/2147/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43899 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •