CVE-2009-0312 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0312): Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content.
Patch: http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad http://hg.moinmo.in/moin/1.8/rev/89b91bf87dad