{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34698?format=json","vulnerability_id":"VCID-xz41-zzdr-6ycb","summary":"Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote attackers to inject arbitrary web script or HTML via crafted content, related to (1) action/SlideShow.py, (2) action/anywikidraw.py, and (3) action/language_setup.py, a similar issue to CVE-2010-2487.","aliases":[{"alias":"CVE-2010-2970"},{"alias":"PYSEC-2010-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6981?format=json","purl":"pkg:pypi/moin@1.9.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1fak-dar5-tuet"},{"vulnerability":"VCID-1kv8-4wn6-yydy"},{"vulnerability":"VCID-2yaq-3m4p-q3bu"},{"vulnerability":"VCID-3z75-azrr-2qac"},{"vulnerability":"VCID-4fn8-ab2r-23dk"},{"vulnerability":"VCID-4q2t-yhg6-k3dg"},{"vulnerability":"VCID-5hn2-1bvq-jfdh"},{"vulnerability":"VCID-h1wf-35g5-5ucz"},{"vulnerability":"VCID-kjqq-u9hy-5yda"},{"vulnerability":"VCID-qgm9-pnrw-p3ak"},{"vulnerability":"VCID-tkp3-e758-suhx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.3"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6973?format=json","purl":"pkg:pypi/moin@1.9.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1fak-dar5-tuet"},{"vulnerability":"VCID-1kv8-4wn6-yydy"},{"vulnerability":"VCID-2yaq-3m4p-q3bu"},{"vulnerability":"VCID-3fgh-8nmt-2fgp"},{"vulnerability":"VCID-3z75-azrr-2qac"},{"vulnerability":"VCID-4fn8-ab2r-23dk"},{"vulnerability":"VCID-4q2t-yhg6-k3dg"},{"vulnerability":"VCID-551s-jjxy-qfer"},{"vulnerability":"VCID-5dkr-jfqu-4kfq"},{"vulnerability":"VCID-5hn2-1bvq-jfdh"},{"vulnerability":"VCID-8xsp-chsd-cfhp"},{"vulnerability":"VCID-9ck2-p7hx-4qex"},{"vulnerability":"VCID-aduk-vjjh-c3gc"},{"vulnerability":"VCID-faws-7xxv-eudq"},{"vulnerability":"VCID-kjqq-u9hy-5yda"},{"vulnerability":"VCID-qgm9-pnrw-p3ak"},{"vulnerability":"VCID-tkp3-e758-suhx"},{"vulnerability":"VCID-xz41-zzdr-6ycb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.0"},{"url":"http://public2.vulnerablecode.io/api/packages/6974?format=json","purl":"pkg:pypi/moin@1.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1fak-dar5-tuet"},{"vulnerability":"VCID-1kv8-4wn6-yydy"},{"vulnerability":"VCID-2yaq-3m4p-q3bu"},{"vulnerability":"VCID-3fgh-8nmt-2fgp"},{"vulnerability":"VCID-3z75-azrr-2qac"},{"vulnerability":"VCID-4fn8-ab2r-23dk"},{"vulnerability":"VCID-4q2t-yhg6-k3dg"},{"vulnerability":"VCID-551s-jjxy-qfer"},{"vulnerability":"VCID-5dkr-jfqu-4kfq"},{"vulnerability":"VCID-5hn2-1bvq-jfdh"},{"vulnerability":"VCID-8xsp-chsd-cfhp"},{"vulnerability":"VCID-9ck2-p7hx-4qex"},{"vulnerability":"VCID-aduk-vjjh-c3gc"},{"vulnerability":"VCID-kjqq-u9hy-5yda"},{"vulnerability":"VCID-qgm9-pnrw-p3ak"},{"vulnerability":"VCID-tkp3-e758-suhx"},{"vulnerability":"VCID-xz41-zzdr-6ycb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/6979?format=json","purl":"pkg:pypi/moin@1.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1fak-dar5-tuet"},{"vulnerability":"VCID-1kv8-4wn6-yydy"},{"vulnerability":"VCID-2yaq-3m4p-q3bu"},{"vulnerability":"VCID-3z75-azrr-2qac"},{"vulnerability":"VCID-4fn8-ab2r-23dk"},{"vulnerability":"VCID-4q2t-yhg6-k3dg"},{"vulnerability":"VCID-5dkr-jfqu-4kfq"},{"vulnerability":"VCID-5hn2-1bvq-jfdh"},{"vulnerability":"VCID-8xsp-chsd-cfhp"},{"vulnerability":"VCID-9ck2-p7hx-4qex"},{"vulnerability":"VCID-aduk-vjjh-c3gc"},{"vulnerability":"VCID-kjqq-u9hy-5yda"},{"vulnerability":"VCID-qgm9-pnrw-p3ak"},{"vulnerability":"VCID-tkp3-e758-suhx"},{"vulnerability":"VCID-xz41-zzdr-6ycb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/moin@1.9.2"}],"references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584809"},{"reference_url":"http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES","reference_id":"","reference_type":"","scores":[],"url":"http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES"},{"reference_url":"http://hg.moinmo.in/moin/1.9/rev/4fe9951788cb","reference_id":"","reference_type":"","scores":[],"url":"http://hg.moinmo.in/moin/1.9/rev/4fe9951788cb"},{"reference_url":"http://hg.moinmo.in/moin/1.9/rev/e50b087c4572","reference_id":"","reference_type":"","scores":[],"url":"http://hg.moinmo.in/moin/1.9/rev/e50b087c4572"},{"reference_url":"http://marc.info/?l=oss-security&m=127799369406968&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=oss-security&m=127799369406968&w=2"},{"reference_url":"http://marc.info/?l=oss-security&m=127809682420259&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=oss-security&m=127809682420259&w=2"},{"reference_url":"http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg","reference_id":"","reference_type":"","scores":[],"url":"http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg"},{"reference_url":"http://moinmo.in/MoinMoinRelease1.9","reference_id":"","reference_type":"","scores":[],"url":"http://moinmo.in/MoinMoinRelease1.9"},{"reference_url":"http://moinmo.in/SecurityFixes","reference_id":"","reference_type":"","scores":[],"url":"http://moinmo.in/SecurityFixes"},{"reference_url":"http://secunia.com/advisories/40836","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40836"},{"reference_url":"http://www.debian.org/security/2010/dsa-2083","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2010/dsa-2083"},{"reference_url":"http://www.securityfocus.com/bid/40549","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40549"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1981","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/1981"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xz41-zzdr-6ycb"}