Debian DSA-2321-1 : moin - XSS

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote Debian host is missing a security-related update.

Description :

A cross-site scripting vulnerability was discovered in the
reStructuredText parser of Moin, a Python clone of WikiWiki.

See also :

http://www.debian.org/security/2011/dsa-2321

Solution :

Upgrade the moin packages.

For the oldstable distribution (lenny), this problem has been fixed in
version 1.7.1-3+lenny6.

For the stable distribution (squeeze), this problem has been fixed in
version 1.9.3-1+squeeze1.

Risk factor :

Low / CVSS Base Score : 2.6
(CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 2.1
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Debian Local Security Checks

Nessus Plugin ID: 56443 ()

Bugtraq ID: 46476

CVE ID: CVE-2011-1058