Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 233560 (CVE-2008-3381) - www-apps/moinmoin macro/ XSS (CVE-2008-3381)
Summary: www-apps/moinmoin macro/ XSS (CVE-2008-3381)
Alias: CVE-2008-3381
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
Whiteboard: B4 [noglsa]
Depends on:
Reported: 2008-08-01 08:45 UTC by Robert Buchholz (RETIRED)
Modified: 2008-08-04 20:40 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Robert Buchholz (RETIRED) gentoo-dev 2008-08-01 08:45:25 UTC
CVE-2008-3381 (
  Multiple cross-site scripting (XSS) vulnerabilities in
  macro/ in moin (and MoinMoin) 1.6.3 and 1.7.0 allow remote
  attackers to inject arbitrary web script or HTML via unspecified vectors.
Comment 1 Gunnar Wrobel (RETIRED) gentoo-dev 2008-08-01 17:19:58 UTC
Added moinmoin-1.7.1.


  amd64 ppc sparc x86
Comment 2 Raúl Porcel (RETIRED) gentoo-dev 2008-08-01 18:15:26 UTC
sparc/x86 stable
Comment 3 Tobias Scherbaum (RETIRED) gentoo-dev 2008-08-03 18:00:18 UTC
ppc stable
Comment 4 Tobias Heinlein (RETIRED) gentoo-dev 2008-08-04 16:42:57 UTC
amd64 stable
Comment 5 Tobias Heinlein (RETIRED) gentoo-dev 2008-08-04 16:43:25 UTC
Ready for vote, I vote NO.
Comment 6 Robert Buchholz (RETIRED) gentoo-dev 2008-08-04 20:40:21 UTC
NO, closing.