Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/6973?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/6973?format=api", "purl": "pkg:pypi/moin@1.9.0", "type": "pypi", "namespace": "", "name": "moin", "version": "1.9.0", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.9.11", "latest_non_vulnerable_version": "1.9.11", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34788?format=api", "vulnerability_id": "VCID-1fak-dar5-tuet", "summary": "Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to overwrite arbitrary files via unspecified vectors. NOTE: this can be leveraged with CVE-2012-6081 to execute arbitrary code.", "references": [ { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f" }, { "reference_url": "http://moinmo.in/MoinMoinRelease1.9", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinRelease1.9" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6495", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09865", "scoring_system": "epss", "scoring_elements": "0.93131", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6495" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/1094599", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/1094599" }, { "reference_url": "http://secunia.com/advisories/51696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51696" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2013-7.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2013-7.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6495", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6495" }, { "reference_url": "https://web.archive.org/web/20151017045319/http://secunia.com/advisories/51696", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151017045319/http://secunia.com/advisories/51696" }, { "reference_url": "http://ubuntu.com/usn/usn-1680-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ubuntu.com/usn/usn-1680-1" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2593", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2012/dsa-2593" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/12/29/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/12/29/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/12/30/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/12/30/4" }, { "reference_url": "https://security.gentoo.org/glsa/201309-14", "reference_id": "GLSA-201309-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/7494?format=api", "purl": "pkg:pypi/moin@1.9.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-tkp3-e758-suhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.6" } ], "aliases": [ "CVE-2012-6495", "GHSA-6gx4-29v9-g9q5", "PYSEC-2013-7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1fak-dar5-tuet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35009?format=api", "vulnerability_id": "VCID-1kv8-4wn6-yydy", "summary": "MoinMoin 1.9.8 allows remote attackers to conduct \"JavaScript injection\" attacks by using the \"page creation or crafted URL\" approach, related to a \"Cross Site Scripting (XSS)\" issue affecting the action=fckdialog&dialog=attachment (via page name) component.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0025", "scoring_system": "epss", "scoring_elements": "0.48574", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7146" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2016-30.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2016-30.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7146", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7146" }, { "reference_url": "https://web.archive.org/web/20200227212542/http://www.securityfocus.com/bid/94259", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227212542/http://www.securityfocus.com/bid/94259" }, { "reference_url": "https://web.archive.org/web/20200426045730/https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200426045730/https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html" }, { "reference_url": "https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3715", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3715" }, { "reference_url": "http://www.securityfocus.com/bid/94259", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94259" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3137-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-3137-1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/9453?format=api", "purl": "pkg:pypi/moin@1.9.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.9" } ], "aliases": [ "CVE-2016-7146", "GHSA-fj26-q4vh-85f6", "PYSEC-2016-30" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1kv8-4wn6-yydy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35671?format=api", "vulnerability_id": "VCID-2yaq-3m4p-q3bu", "summary": "MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are strongly advised to upgrade to a patched version. MoinMoin Wiki 1.9.11 has the necessary fixes and also contains other important fixes.", "references": [ { "reference_url": "https://advisory.checkmarx.net/advisory/CX-2020-4285", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://advisory.checkmarx.net/advisory/CX-2020-4285" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15275", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.62018", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15275" }, { "reference_url": "https://github.com/moinwiki/moin-1.9", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin-1.9" }, { "reference_url": "https://github.com/moinwiki/moin-1.9/commit/31de9139d0aabc171e94032168399b4a0b2a88a2", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin-1.9/commit/31de9139d0aabc171e94032168399b4a0b2a88a2" }, { "reference_url": "https://github.com/moinwiki/moin-1.9/releases/tag/1.9.11", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin-1.9/releases/tag/1.9.11" }, { "reference_url": "https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-4q96-6xhq-ff43", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-4q96-6xhq-ff43" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2020-241.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2020-241.yaml" }, { "reference_url": "https://pypi.org/project/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pypi.org/project/moin" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15275", "reference_id": "CVE-2020-15275", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" }, { "value": "6.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15275" }, { "reference_url": "https://github.com/advisories/GHSA-4q96-6xhq-ff43", "reference_id": "GHSA-4q96-6xhq-ff43", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4q96-6xhq-ff43" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18962?format=api", "purl": "pkg:pypi/moin@1.9.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.11" } ], "aliases": [ "CVE-2020-15275", "GHSA-4q96-6xhq-ff43", "PYSEC-2020-241" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2yaq-3m4p-q3bu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34691?format=api", "vulnerability_id": "VCID-3fgh-8nmt-2fgp", "summary": "Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569975" }, { "reference_url": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035374.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035374.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035438.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035438.html" }, { "reference_url": "http://marc.info/?l=oss-security&m=126625972814888&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=126625972814888&w=2" }, { "reference_url": "http://marc.info/?l=oss-security&m=126676896601156&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=126676896601156&w=2" }, { "reference_url": "http://moinmo.in/MoinMoinRelease1.8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinRelease1.8" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0668.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0668.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01554", "scoring_system": "epss", "scoring_elements": "0.81765", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0668" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=565604", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=565604" }, { "reference_url": "http://secunia.com/advisories/38444", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/38444" }, { "reference_url": "http://secunia.com/advisories/38709", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/38709" }, { "reference_url": "http://secunia.com/advisories/38903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/38903" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56002", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56002" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-15.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-15.yaml" }, { "reference_url": "https://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903" }, { "reference_url": "https://web.archive.org/web/20140725192956/http://secunia.com/advisories/38709", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140725192956/http://secunia.com/advisories/38709" }, { "reference_url": "https://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444" }, { "reference_url": "https://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2014", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2010/dsa-2014" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/02/15/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2010/02/15/2" }, { "reference_url": "http://www.osvdb.org/62043", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/62043" }, { "reference_url": "http://www.securityfocus.com/bid/38023", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/38023" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0266", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0266" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0600" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0668", "reference_id": "CVE-2010-0668", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0668" }, { "reference_url": "https://github.com/advisories/GHSA-574f-mh6m-c6qm", "reference_id": "GHSA-574f-mh6m-c6qm", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-574f-mh6m-c6qm" }, { "reference_url": "https://security.gentoo.org/glsa/201210-02", "reference_id": "GLSA-201210-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201210-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/6979?format=api", "purl": "pkg:pypi/moin@1.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fak-dar5-tuet" }, { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-3z75-azrr-2qac" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-4q2t-yhg6-k3dg" }, { "vulnerability": "VCID-5dkr-jfqu-4kfq" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-8xsp-chsd-cfhp" }, { "vulnerability": "VCID-9ck2-p7hx-4qex" }, { "vulnerability": "VCID-aduk-vjjh-c3gc" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-qgm9-pnrw-p3ak" }, { "vulnerability": "VCID-tkp3-e758-suhx" }, { "vulnerability": "VCID-xz41-zzdr-6ycb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.2" } ], "aliases": [ "CVE-2010-0668", "GHSA-574f-mh6m-c6qm", "PYSEC-2010-15" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3fgh-8nmt-2fgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34790?format=api", "vulnerability_id": "VCID-3z75-azrr-2qac", "summary": "Cross-site scripting (XSS) vulnerability in the rsslink function in theme/__init__.py in MoinMoin 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link.", "references": [ { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/c98ec456e493", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/c98ec456e493" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6082", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61461", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6082" }, { "reference_url": "http://secunia.com/advisories/51663", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51663" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2013-23.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2013-23.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6082", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6082" }, { "reference_url": "https://web.archive.org/web/20151023152540/http://secunia.com/advisories/51663", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151023152540/http://secunia.com/advisories/51663" }, { "reference_url": "https://web.archive.org/web/20200228182002/http://www.securityfocus.com/bid/57089", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228182002/http://www.securityfocus.com/bid/57089" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/12/29/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/12/29/7" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/12/30/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/12/30/5" }, { "reference_url": "http://www.securityfocus.com/bid/57089", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/57089" }, { "reference_url": "https://security.gentoo.org/glsa/201309-14", "reference_id": "GLSA-201309-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-14" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/7494?format=api", "purl": "pkg:pypi/moin@1.9.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-tkp3-e758-suhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.6" } ], "aliases": [ "CVE-2012-6082", "GHSA-452h-rx28-49w9", "PYSEC-2013-23" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3z75-azrr-2qac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35273?format=api", "vulnerability_id": "VCID-4fn8-ab2r-23dk", "summary": "Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00024.html" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00652", "scoring_system": "epss", "scoring_elements": "0.71281", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5934" }, { "reference_url": "https://github.com/advisories/GHSA-42fp-4hm3-j8r7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-42fp-4hm3-j8r7" }, { "reference_url": "https://github.com/moinwiki/moin-1.9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin-1.9" }, { "reference_url": "https://github.com/moinwiki/moin-1.9/commit/70955a8eae091cc88fd9a6e510177e70289ec024", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin-1.9/commit/70955a8eae091cc88fd9a6e510177e70289ec024" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2018-47.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2018-47.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00007.html" }, { "reference_url": "https://usn.ubuntu.com/3794-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://usn.ubuntu.com/3794-1" }, { "reference_url": "https://usn.ubuntu.com/3794-1/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3794-1/" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4318", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2018/dsa-4318" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5934", "reference_id": "CVE-2017-5934", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5934" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/12310?format=api", "purl": "pkg:pypi/moin@1.9.10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.10" } ], "aliases": [ "CVE-2017-5934", "GHSA-42fp-4hm3-j8r7", "PYSEC-2018-47" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4fn8-ab2r-23dk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34791?format=api", "vulnerability_id": "VCID-4q2t-yhg6-k3dg", "summary": "Multiple unrestricted file upload vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users with write permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory, as exploited in the wild in July 2012.", "references": [ { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/7e7e1cbb9d3f" }, { "reference_url": "http://moinmo.in/MoinMoinRelease1.9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinRelease1.9" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6081", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73631", "scoring_system": "epss", "scoring_elements": "0.98829", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6081" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/1094599", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/1094599" }, { "reference_url": "http://secunia.com/advisories/51663", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51663" }, { "reference_url": "http://secunia.com/advisories/51676", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51676" }, { "reference_url": "http://secunia.com/advisories/51696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/51696" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2013-6.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2013-6.yaml" }, { "reference_url": "https://web.archive.org/web/20200228165146/http://www.securityfocus.com/bid/57082", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228165146/http://www.securityfocus.com/bid/57082" }, { "reference_url": "http://ubuntu.com/usn/usn-1680-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ubuntu.com/usn/usn-1680-1" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2593", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2012/dsa-2593" }, { "reference_url": "http://www.exploit-db.com/exploits/25304", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.exploit-db.com/exploits/25304" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/12/29/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/12/29/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/12/30/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/12/30/4" }, { "reference_url": "http://www.securityfocus.com/bid/57082", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/57082" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6081", "reference_id": "CVE-2012-6081", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:A" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6081" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26422.rb", "reference_id": "CVE-2012-6495;OSVDB-88825;CVE-2012-6081", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26422.rb" }, { "reference_url": "https://github.com/advisories/GHSA-m2c4-jgmm-fvq3", "reference_id": "GHSA-m2c4-jgmm-fvq3", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-m2c4-jgmm-fvq3" }, { "reference_url": "https://security.gentoo.org/glsa/201309-14", "reference_id": "GLSA-201309-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-14" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25304.py", "reference_id": "OSVDB-93234;CVE-2012-6495;OSVDB-88825;CVE-2012-6081", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/25304.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/7494?format=api", "purl": "pkg:pypi/moin@1.9.6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-tkp3-e758-suhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.6" } ], "aliases": [ "CVE-2012-6081", "GHSA-m2c4-jgmm-fvq3", "PYSEC-2013-6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4q2t-yhg6-k3dg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34689?format=api", "vulnerability_id": "VCID-551s-jjxy-qfer", "summary": "MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.", "references": [ { "reference_url": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.7/docs/CHANGES" }, { "reference_url": "http://moinmo.in/MoinMoinRelease1.8", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinRelease1.8" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0669.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0669.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01448", "scoring_system": "epss", "scoring_elements": "0.81106", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0669" }, { "reference_url": "http://secunia.com/advisories/38444", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/38444" }, { "reference_url": "http://secunia.com/advisories/38903", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/38903" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-2.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-2.yaml" }, { "reference_url": "https://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20111225112846/http://secunia.com/advisories/38903" }, { "reference_url": "https://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140806190238/http://secunia.com/advisories/38444" }, { "reference_url": "https://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228174758/http://www.securityfocus.com/bid/38023" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2014", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2010/dsa-2014" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/02/15/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2010/02/15/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/02/15/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2010/02/15/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/02/21/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2010/02/21/2" }, { "reference_url": "http://www.securityfocus.com/bid/38023", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/38023" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0600", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0600" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0669", "reference_id": "CVE-2010-0669", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0669" }, { "reference_url": "https://github.com/advisories/GHSA-977v-29j9-9rxc", "reference_id": "GHSA-977v-29j9-9rxc", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-977v-29j9-9rxc" }, { "reference_url": "https://security.gentoo.org/glsa/201210-02", "reference_id": "GLSA-201210-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201210-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/6979?format=api", "purl": "pkg:pypi/moin@1.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fak-dar5-tuet" }, { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-3z75-azrr-2qac" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-4q2t-yhg6-k3dg" }, { "vulnerability": "VCID-5dkr-jfqu-4kfq" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-8xsp-chsd-cfhp" }, { "vulnerability": "VCID-9ck2-p7hx-4qex" }, { "vulnerability": "VCID-aduk-vjjh-c3gc" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-qgm9-pnrw-p3ak" }, { "vulnerability": "VCID-tkp3-e758-suhx" }, { "vulnerability": "VCID-xz41-zzdr-6ycb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.2" } ], "aliases": [ "CVE-2010-0669", "GHSA-977v-29j9-9rxc", "PYSEC-2010-2" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-551s-jjxy-qfer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34699?format=api", "vulnerability_id": "VCID-5dkr-jfqu-4kfq", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/LikePages.py, (2) action/chart.py, and (3) action/userprofile.py, a similar issue to CVE-2010-2487.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809" }, { "reference_url": "http://hg.moinmo.in/moin/1.7/rev/37306fba2189", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.7/rev/37306fba2189" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572" }, { "reference_url": "http://marc.info/?l=oss-security&m=127799369406968&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=127799369406968&w=2" }, { "reference_url": "http://marc.info/?l=oss-security&m=127809682420259&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=127809682420259&w=2" }, { "reference_url": "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg" }, { "reference_url": "http://moinmo.in/MoinMoinRelease1.9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinRelease1.9" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69786", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2969" }, { "reference_url": "http://secunia.com/advisories/40836", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40836" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-17.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-17.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2969", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2969" }, { "reference_url": "https://web.archive.org/web/20140801154518/http://secunia.com/advisories/40836", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140801154518/http://secunia.com/advisories/40836" }, { "reference_url": "https://web.archive.org/web/20200228150629/http://www.securityfocus.com/bid/40549", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228150629/http://www.securityfocus.com/bid/40549" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2083", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2010/dsa-2083" }, { "reference_url": "http://www.securityfocus.com/bid/40549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40549" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1981", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1981" }, { "reference_url": "https://security.gentoo.org/glsa/201210-02", "reference_id": "GLSA-201210-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201210-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/6981?format=api", "purl": "pkg:pypi/moin@1.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fak-dar5-tuet" }, { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-3z75-azrr-2qac" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-4q2t-yhg6-k3dg" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-h1wf-35g5-5ucz" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-qgm9-pnrw-p3ak" }, { "vulnerability": "VCID-tkp3-e758-suhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.3" } ], "aliases": [ "CVE-2010-2969", "GHSA-2j76-26qq-7rvv", "PYSEC-2010-17" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5dkr-jfqu-4kfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35010?format=api", "vulnerability_id": "VCID-5hn2-1bvq-jfdh", "summary": "MoinMoin 1.9.8 allows remote attackers to conduct \"JavaScript injection\" attacks by using the \"page creation\" approach, related to a \"Cross Site Scripting (XSS)\" issue affecting the action=AttachFile (via page name) component.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7148", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46464", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7148" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2016-31.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2016-31.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7148", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7148" }, { "reference_url": "https://web.archive.org/web/20200227212542/http://www.securityfocus.com/bid/94259", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227212542/http://www.securityfocus.com/bid/94259" }, { "reference_url": "https://web.archive.org/web/20230601130846/https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20230601130846/https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html" }, { "reference_url": "https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.curesec.com/blog/article/blog/MoinMoin-198-XSS-175.html" }, { "reference_url": "https://www.debian.org/security/2016/dsa-3715", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2016/dsa-3715" }, { "reference_url": "https://www.ubuntu.com/usn/USN-3137-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.ubuntu.com/usn/USN-3137-1" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3715", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3715" }, { "reference_url": "http://www.securityfocus.com/bid/94259", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/94259" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3137-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3137-1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/9453?format=api", "purl": "pkg:pypi/moin@1.9.9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.9" } ], "aliases": [ "CVE-2016-7148", "GHSA-3x76-j3jj-439j", "PYSEC-2016-31" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5hn2-1bvq-jfdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34693?format=api", "vulnerability_id": "VCID-8xsp-chsd-cfhp", "summary": "Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575995", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575995" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038490.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038490.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038574.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038574.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038706.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038706.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0828.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0828.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0828", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00564", "scoring_system": "epss", "scoring_elements": "0.68745", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0828" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/538022", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugs.launchpad.net/ubuntu/+source/moin/+bug/538022" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=578801", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=578801" }, { "reference_url": "http://secunia.com/advisories/39188", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/39188" }, { "reference_url": "http://secunia.com/advisories/39190", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/39190" }, { "reference_url": "http://secunia.com/advisories/39267", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/39267" }, { "reference_url": "http://secunia.com/advisories/39284", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/39284" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57435", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57435" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-28.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-28.yaml" }, { "reference_url": "https://web.archive.org/web/20151017002542/http://secunia.com/advisories/39284", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151017002542/http://secunia.com/advisories/39284" }, { "reference_url": "https://web.archive.org/web/20151017033127/http://secunia.com/advisories/39267", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151017033127/http://secunia.com/advisories/39267" }, { "reference_url": "https://web.archive.org/web/20151017033557/http://secunia.com/advisories/39190", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151017033557/http://secunia.com/advisories/39190" }, { "reference_url": "https://web.archive.org/web/20151104183344/http://secunia.com/advisories/39188", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151104183344/http://secunia.com/advisories/39188" }, { "reference_url": "https://web.archive.org/web/20200228163431/http://www.securityfocus.com/bid/39110", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228163431/http://www.securityfocus.com/bid/39110" }, { "reference_url": "https://web.archive.org/web/20200228163432/http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228163432/http://hg.moinmo.in/moin/1.9/rev/6e603e5411ca" }, { "reference_url": "https://web.archive.org/web/20220927220946/http://hg.moinmo.in/moin/1.9/rev/689e2b04bd4d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20220927220946/http://hg.moinmo.in/moin/1.9/rev/689e2b04bd4d" }, { "reference_url": "https://web.archive.org/web/20221003055226/http://hg.moinmo.in/moin/1.9/rev/788131dd21c3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20221003055226/http://hg.moinmo.in/moin/1.9/rev/788131dd21c3" }, { "reference_url": "https://web.archive.org/web/20221025223621/http://hg.moinmo.in/moin/1.8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20221025223621/http://hg.moinmo.in/moin/1.8" }, { "reference_url": "https://www.debian.org/security/2010/dsa-2024", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2010/dsa-2024" }, { "reference_url": "https://www.ubuntu.com/usn/USN-925-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.ubuntu.com/usn/USN-925-1" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2024", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2010/dsa-2024" }, { "reference_url": "http://www.securityfocus.com/bid/39110", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/39110" }, { "reference_url": "http://www.ubuntu.com/usn/USN-925-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-925-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0767", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0767" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0831", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0831" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/0834", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/0834" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0828", "reference_id": "CVE-2010-0828", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0828" }, { "reference_url": "https://github.com/advisories/GHSA-fc72-v54c-x9jg", "reference_id": "GHSA-fc72-v54c-x9jg", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-fc72-v54c-x9jg" }, { "reference_url": "https://security.gentoo.org/glsa/201210-02", "reference_id": "GLSA-201210-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201210-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/6981?format=api", "purl": "pkg:pypi/moin@1.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fak-dar5-tuet" }, { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-3z75-azrr-2qac" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-4q2t-yhg6-k3dg" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-h1wf-35g5-5ucz" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-qgm9-pnrw-p3ak" }, { "vulnerability": "VCID-tkp3-e758-suhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.3" } ], "aliases": [ "CVE-2010-0828", "GHSA-fc72-v54c-x9jg", "PYSEC-2010-28" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8xsp-chsd-cfhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34700?format=api", "vulnerability_id": "VCID-9ck2-p7hx-4qex", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) Page.py, (2) PageEditor.py, (3) PageGraphicalEditor.py, (4) action/CopyPage.py, (5) action/Load.py, (6) action/RenamePage.py, (7) action/backup.py, (8) action/login.py, (9) action/newaccount.py, and (10) action/recoverpass.py.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809" }, { "reference_url": "http://hg.moinmo.in/moin/1.7/rev/37306fba2189", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.7/rev/37306fba2189" }, { "reference_url": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.8/docs/CHANGES", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.8/raw-file/1.8.8/docs/CHANGES" }, { "reference_url": "http://hg.moinmo.in/moin/1.8/rev/4238b0c90871", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.8/rev/4238b0c90871" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/68ba3cc79513", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/68ba3cc79513" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572" }, { "reference_url": "http://marc.info/?l=oss-security&m=127799369406968&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=127799369406968&w=2" }, { "reference_url": "http://marc.info/?l=oss-security&m=127809682420259&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=127809682420259&w=2" }, { "reference_url": "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg" }, { "reference_url": "http://moinmo.in/MoinMoinRelease1.8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinRelease1.8" }, { "reference_url": "http://moinmo.in/MoinMoinRelease1.9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinRelease1.9" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2487", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01315", "scoring_system": "epss", "scoring_elements": "0.80186", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2487" }, { "reference_url": "http://secunia.com/advisories/40836", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40836" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-16.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-16.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2487", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2487" }, { "reference_url": "https://web.archive.org/web/20140801154518/http://secunia.com/advisories/40836", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140801154518/http://secunia.com/advisories/40836" }, { "reference_url": "https://web.archive.org/web/20200228150629/http://www.securityfocus.com/bid/40549", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228150629/http://www.securityfocus.com/bid/40549" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2083", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2010/dsa-2083" }, { "reference_url": "http://www.securityfocus.com/bid/40549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40549" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1981", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1981" }, { "reference_url": "https://security.gentoo.org/glsa/201210-02", "reference_id": "GLSA-201210-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201210-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/6981?format=api", "purl": "pkg:pypi/moin@1.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fak-dar5-tuet" }, { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-3z75-azrr-2qac" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-4q2t-yhg6-k3dg" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-h1wf-35g5-5ucz" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-qgm9-pnrw-p3ak" }, { "vulnerability": "VCID-tkp3-e758-suhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.3" } ], "aliases": [ "CVE-2010-2487", "GHSA-5m2m-27cg-7v4v", "PYSEC-2010-16" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ck2-p7hx-4qex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34726?format=api", "vulnerability_id": "VCID-aduk-vjjh-c3gc", "summary": "Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when \"format rst\" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party information.", "references": [ { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/97208f67798f", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/97208f67798f" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054544.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/054544.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055116.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055116.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055124.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055124.html" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00844", "scoring_system": "epss", "scoring_elements": "0.75136", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1058" }, { "reference_url": "http://secunia.com/advisories/43413", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43413" }, { "reference_url": "http://secunia.com/advisories/43665", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43665" }, { "reference_url": "http://secunia.com/advisories/50885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50885" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65545", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65545" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2011-6.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2011-6.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1058", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-1058" }, { "reference_url": "https://web.archive.org/web/20140720123341/http://secunia.com/advisories/50885", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140720123341/http://secunia.com/advisories/50885" }, { "reference_url": "https://web.archive.org/web/20140721222129/http://secunia.com/advisories/43665", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140721222129/http://secunia.com/advisories/43665" }, { "reference_url": "https://web.archive.org/web/20140802163629/http://secunia.com/advisories/43413", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140802163629/http://secunia.com/advisories/43413" }, { "reference_url": "https://web.archive.org/web/20201202035105/http://www.securityfocus.com/bid/46476", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201202035105/http://www.securityfocus.com/bid/46476" }, { "reference_url": "http://www.debian.org/security/2011/dsa-2321", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2011/dsa-2321" }, { "reference_url": "http://www.securityfocus.com/bid/46476", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/46476" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1604-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-1604-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0455", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0455" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0571", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0571" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0588", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0588" }, { "reference_url": "https://security.gentoo.org/glsa/201210-02", "reference_id": "GLSA-201210-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201210-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/6981?format=api", "purl": "pkg:pypi/moin@1.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fak-dar5-tuet" }, { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-3z75-azrr-2qac" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-4q2t-yhg6-k3dg" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-h1wf-35g5-5ucz" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-qgm9-pnrw-p3ak" }, { "vulnerability": "VCID-tkp3-e758-suhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.3" } ], "aliases": [ "CVE-2011-1058", "GHSA-m9j7-xcj7-42j9", "PYSEC-2011-6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aduk-vjjh-c3gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34688?format=api", "vulnerability_id": "VCID-faws-7xxv-eudq", "summary": "MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors.", "references": [ { "reference_url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.1/docs/CHANGES" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/04afdde50094" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/9d8e7ce3c3a2" }, { "reference_url": "http://marc.info/?l=oss-security&m=126625972814888&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=126625972814888&w=2" }, { "reference_url": "http://marc.info/?l=oss-security&m=126676896601156&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=126676896601156&w=2" }, { "reference_url": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinChat/Logs/moin-dev/2010-01-18" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0667.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0667.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00927", "scoring_system": "epss", "scoring_elements": "0.76449", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0667" }, { "reference_url": "http://secunia.com/advisories/38242", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/38242" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-14.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-14.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/01/21/6", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2010/01/21/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/02/15/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2010/02/15/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=557298", "reference_id": "557298", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=557298" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0667", "reference_id": "CVE-2010-0667", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0667" }, { "reference_url": "https://github.com/advisories/GHSA-876c-qmcf-cxv6", "reference_id": "GHSA-876c-qmcf-cxv6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-876c-qmcf-cxv6" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/6974?format=api", "purl": "pkg:pypi/moin@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fak-dar5-tuet" }, { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-3fgh-8nmt-2fgp" }, { "vulnerability": "VCID-3z75-azrr-2qac" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-4q2t-yhg6-k3dg" }, { "vulnerability": "VCID-551s-jjxy-qfer" }, { "vulnerability": "VCID-5dkr-jfqu-4kfq" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-8xsp-chsd-cfhp" }, { "vulnerability": "VCID-9ck2-p7hx-4qex" }, { "vulnerability": "VCID-aduk-vjjh-c3gc" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-qgm9-pnrw-p3ak" }, { "vulnerability": "VCID-tkp3-e758-suhx" }, { "vulnerability": "VCID-xz41-zzdr-6ycb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.1" } ], "aliases": [ "CVE-2010-0667", "GHSA-876c-qmcf-cxv6", "PYSEC-2010-14" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-faws-7xxv-eudq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35670?format=api", "vulnerability_id": "VCID-kjqq-u9hy-5yda", "summary": "The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve remote code execution.", "references": [ { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25074", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12807", "scoring_system": "epss", "scoring_elements": "0.94151", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25074" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/moinwiki/moin-1.9/commit/6b96a9060069302996b5af47fd4a388fc80172b7", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin-1.9/commit/6b96a9060069302996b5af47fd4a388fc80172b7" }, { "reference_url": "https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-52q8-877j-gghq", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin-1.9/security/advisories/GHSA-52q8-877j-gghq" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2020-67.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2020-67.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00020.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00020.html" }, { "reference_url": "https://pypi.org/project/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://pypi.org/project/moin" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4787", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.debian.org/security/2020/dsa-4787" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25074", "reference_id": "CVE-2020-25074", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25074" }, { "reference_url": "https://github.com/advisories/GHSA-52q8-877j-gghq", "reference_id": "GHSA-52q8-877j-gghq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-52q8-877j-gghq" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/18962?format=api", "purl": "pkg:pypi/moin@1.9.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.11" } ], "aliases": [ "CVE-2020-25074", "GHSA-52q8-877j-gghq", "PYSEC-2020-67" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kjqq-u9hy-5yda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34777?format=api", "vulnerability_id": "VCID-qgm9-pnrw-p3ak", "summary": "security/__init__.py in MoinMoin 1.9 through 1.9.4 does not properly handle group names that contain virtual group names such as \"All,\" \"Known,\" or \"Trusted,\" which allows remote authenticated users with virtual group membership to be treated as a member of the group.", "references": [ { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/7b9f39289e16", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/7b9f39289e16" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0099", "scoring_system": "epss", "scoring_elements": "0.77224", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4404" }, { "reference_url": "http://secunia.com/advisories/50474", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50474" }, { "reference_url": "http://secunia.com/advisories/50496", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50496" }, { "reference_url": "http://secunia.com/advisories/50885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/50885" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/moinwiki/moin/commit/b7791166cb3613d07c6e8eea966b4f763b2de660", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin/commit/b7791166cb3613d07c6e8eea966b4f763b2de660" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2012-10.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2012-10.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4404", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4404" }, { "reference_url": "https://web.archive.org/web/20151016233452/http://secunia.com/advisories/50885", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151016233452/http://secunia.com/advisories/50885" }, { "reference_url": "https://web.archive.org/web/20151017041746/http://secunia.com/advisories/50474", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151017041746/http://secunia.com/advisories/50474" }, { "reference_url": "https://web.archive.org/web/20151017041755/http://secunia.com/advisories/50496", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151017041755/http://secunia.com/advisories/50496" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2538", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2012/dsa-2538" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/09/04/4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/09/04/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/09/05/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2012/09/05/2" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1604-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-1604-1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/7397?format=api", "purl": "pkg:pypi/moin@1.9.5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fak-dar5-tuet" }, { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-3z75-azrr-2qac" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-4q2t-yhg6-k3dg" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-h1wf-35g5-5ucz" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-tkp3-e758-suhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.5" } ], "aliases": [ "CVE-2012-4404", "GHSA-g4mx-rm5q-vh24", "PYSEC-2012-10" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgm9-pnrw-p3ak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35019?format=api", "vulnerability_id": "VCID-tkp3-e758-suhx", "summary": "Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00806", "scoring_system": "epss", "scoring_elements": "0.74514", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7148", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7148" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9119" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2017-20.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2017-20.yaml" }, { "reference_url": "https://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://moinmo.in/SecurityFixes" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9119", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-9119" }, { "reference_url": "https://web.archive.org/web/20200227212253/http://www.securityfocus.com/bid/94501", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200227212253/http://www.securityfocus.com/bid/94501" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3715", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2016/dsa-3715" }, { "reference_url": "http://www.securityfocus.com/bid/94501", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/94501" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3137-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.ubuntu.com/usn/USN-3137-1" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/9452?format=api", "purl": "pkg:pypi/moin@1.9.8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.8" } ], "aliases": [ "CVE-2016-9119", "GHSA-5fq5-pfv8-mrfv", "PYSEC-2017-20" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tkp3-e758-suhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34698?format=api", "vulnerability_id": "VCID-xz41-zzdr-6ycb", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.py, (2) action/anywikidraw.py, and (3) action/language_setup.py, a similar issue to CVE-2010-2487.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/4fe9951788cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/4fe9951788cb" }, { "reference_url": "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://hg.moinmo.in/moin/1.9/rev/e50b087c4572" }, { "reference_url": "http://marc.info/?l=oss-security&m=127799369406968&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=127799369406968&w=2" }, { "reference_url": "http://marc.info/?l=oss-security&m=127809682420259&w=2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://marc.info/?l=oss-security&m=127809682420259&w=2" }, { "reference_url": "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg" }, { "reference_url": "http://moinmo.in/MoinMoinRelease1.9", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/MoinMoinRelease1.9" }, { "reference_url": "http://moinmo.in/SecurityFixes", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://moinmo.in/SecurityFixes" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00598", "scoring_system": "epss", "scoring_elements": "0.69786", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2970" }, { "reference_url": "http://secunia.com/advisories/40836", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/40836" }, { "reference_url": "https://github.com/moinwiki/moin", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/moinwiki/moin" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-18.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/moin/PYSEC-2010-18.yaml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2970", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2970" }, { "reference_url": "https://web.archive.org/web/20140801154518/http://secunia.com/advisories/40836", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20140801154518/http://secunia.com/advisories/40836" }, { "reference_url": "https://web.archive.org/web/20200228150629/http://www.securityfocus.com/bid/40549", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228150629/http://www.securityfocus.com/bid/40549" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2083", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2010/dsa-2083" }, { "reference_url": "http://www.securityfocus.com/bid/40549", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/40549" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/1981", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/1981" }, { "reference_url": "https://security.gentoo.org/glsa/201210-02", "reference_id": "GLSA-201210-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201210-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/6981?format=api", "purl": "pkg:pypi/moin@1.9.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1fak-dar5-tuet" }, { "vulnerability": "VCID-1kv8-4wn6-yydy" }, { "vulnerability": "VCID-2yaq-3m4p-q3bu" }, { "vulnerability": "VCID-3z75-azrr-2qac" }, { "vulnerability": "VCID-4fn8-ab2r-23dk" }, { "vulnerability": "VCID-4q2t-yhg6-k3dg" }, { "vulnerability": "VCID-5hn2-1bvq-jfdh" }, { "vulnerability": "VCID-h1wf-35g5-5ucz" }, { "vulnerability": "VCID-kjqq-u9hy-5yda" }, { "vulnerability": "VCID-qgm9-pnrw-p3ak" }, { "vulnerability": "VCID-tkp3-e758-suhx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.3" } ], "aliases": [ "CVE-2010-2970", "GHSA-gxh5-r8gp-pjc3", "PYSEC-2010-18" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xz41-zzdr-6ycb" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.0" }