- Home
- CVEs with nessus.description==The MoinMoin install hosted on the remote web server fails to properly sanitize user-supplied input in the 'page_name' parameter when creating an rss link. An attacker may be able to leverage this issue to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site.
Note that the application is also reportedly affected by a directory traversal vulnerability (CVE-2012-6080) as well as a remote code execution vulnerability (CVE-2012-6081). Nessus has not, however, tested for these additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top