oss-sec mailing list archives
CVE Request: MoinMoin
From: Jamie Strandboge <jamie () canonical com>
Date: Tue, 27 Jan 2009 15:02:41 -0600
I just now noticed this in the public MoinMoin mercurial commits: Fixed XSS issue in antispam The commit is: http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad I haven't tried to reproduce it or anything, but the fix was simply to perform wikiutil.escape(match.group()), so it seems valid. Jamie -- Ubuntu Security Engineer | http://www.ubuntu.com/ Canonical Ltd. | http://www.canonical.com/
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE Request: MoinMoin Jamie Strandboge (Jan 27)
- Re: CVE Request: MoinMoin Steven M. Christey (Jan 27)