VulnerableCode Package Details - pkg:ebuild/www-apps/moinmoin@1.9.4

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-3fgh-8nmt-2fgp	Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.	CVE-2010-0668 GHSA-574f-mh6m-c6qm PYSEC-2010-15
VCID-3jrf-8f67-y7b4		CVE-2010-1238
VCID-551s-jjxy-qfer	MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.	CVE-2010-0669 GHSA-977v-29j9-9rxc PYSEC-2010-2
VCID-5dkr-jfqu-4kfq	Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/LikePages.py, (2) action/chart.py, and (3) action/userprofile.py, a similar issue to CVE-2010-2487.	CVE-2010-2969 GHSA-2j76-26qq-7rvv PYSEC-2010-17
VCID-8xsp-chsd-cfhp	Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.	CVE-2010-0828 GHSA-fc72-v54c-x9jg PYSEC-2010-28
VCID-9ck2-p7hx-4qex	Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) Page.py, (2) PageEditor.py, (3) PageGraphicalEditor.py, (4) action/CopyPage.py, (5) action/Load.py, (6) action/RenamePage.py, (7) action/backup.py, (8) action/login.py, (9) action/newaccount.py, and (10) action/recoverpass.py.	CVE-2010-2487 GHSA-5m2m-27cg-7v4v PYSEC-2010-16
VCID-aduk-vjjh-c3gc	Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party information.	CVE-2011-1058 GHSA-m9j7-xcj7-42j9 PYSEC-2011-6
VCID-qcmp-zvgm-8bcm	The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.	CVE-2010-0717 GHSA-5jjr-gmq3-f986 PYSEC-2010-3
VCID-xz41-zzdr-6ycb	Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.py, (2) action/anywikidraw.py, and (3) action/language_setup.py, a similar issue to CVE-2010-2487.	CVE-2010-2970 GHSA-gxh5-r8gp-pjc3 PYSEC-2010-18

Vulnerability

Summary

Aliases

VCID-3fgh-8nmt-2fgp

Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or OpenID configured.

CVE-2010-0668
GHSA-574f-mh6m-c6qm
PYSEC-2010-15

VCID-3jrf-8f67-y7b4

CVE-2010-1238

VCID-551s-jjxy-qfer

MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has unspecified impact and attack vectors.

CVE-2010-0669
GHSA-977v-29j9-9rxc
PYSEC-2010-2

VCID-5dkr-jfqu-4kfq

Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/LikePages.py, (2) action/chart.py, and (3) action/userprofile.py, a similar issue to CVE-2010-2487.

CVE-2010-2969
GHSA-2j76-26qq-7rvv
PYSEC-2010-17

VCID-8xsp-chsd-cfhp

Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.

CVE-2010-0828
GHSA-fc72-v54c-x9jg
PYSEC-2010-28

VCID-9ck2-p7hx-4qex

Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8.8, and 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) Page.py, (2) PageEditor.py, (3) PageGraphicalEditor.py, (4) action/CopyPage.py, (5) action/Load.py, (6) action/RenamePage.py, (7) action/backup.py, (8) action/login.py, (9) action/newaccount.py, and (10) action/recoverpass.py.

CVE-2010-2487
GHSA-5m2m-27cg-7v4v
PYSEC-2010-16

VCID-aduk-vjjh-c3gc

Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.3, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute. NOTE: some of these details are obtained from third party information.

CVE-2011-1058
GHSA-m9j7-xcj7-42j9
PYSEC-2011-6

VCID-qcmp-zvgm-8bcm

The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.

CVE-2010-0717
GHSA-5jjr-gmq3-f986
PYSEC-2010-3

VCID-xz41-zzdr-6ycb

Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.py, (2) action/anywikidraw.py, and (3) action/language_setup.py, a similar issue to CVE-2010-2487.

CVE-2010-2970
GHSA-gxh5-r8gp-pjc3
PYSEC-2010-18

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-04T19:14:48.961888+00:00	Gentoo Importer	Fixing	VCID-aduk-vjjh-c3gc	https://security.gentoo.org/glsa/201210-02	38.6.0
2026-06-04T19:14:48.945554+00:00	Gentoo Importer	Fixing	VCID-xz41-zzdr-6ycb	https://security.gentoo.org/glsa/201210-02	38.6.0
2026-06-04T19:14:48.929320+00:00	Gentoo Importer	Fixing	VCID-5dkr-jfqu-4kfq	https://security.gentoo.org/glsa/201210-02	38.6.0
2026-06-04T19:14:48.913345+00:00	Gentoo Importer	Fixing	VCID-9ck2-p7hx-4qex	https://security.gentoo.org/glsa/201210-02	38.6.0
2026-06-04T19:14:48.896907+00:00	Gentoo Importer	Fixing	VCID-3jrf-8f67-y7b4	https://security.gentoo.org/glsa/201210-02	38.6.0
2026-06-04T19:14:48.880990+00:00	Gentoo Importer	Fixing	VCID-8xsp-chsd-cfhp	https://security.gentoo.org/glsa/201210-02	38.6.0
2026-06-04T19:14:48.863213+00:00	Gentoo Importer	Fixing	VCID-qcmp-zvgm-8bcm	https://security.gentoo.org/glsa/201210-02	38.6.0
2026-06-04T19:14:48.846005+00:00	Gentoo Importer	Fixing	VCID-551s-jjxy-qfer	https://security.gentoo.org/glsa/201210-02	38.6.0
2026-06-04T19:14:48.830039+00:00	Gentoo Importer	Fixing	VCID-3fgh-8nmt-2fgp	https://security.gentoo.org/glsa/201210-02	38.6.0