Patches for MoinMoin Wiki system
The developers of the Python-based MoinMoin Wiki system have closed two XSS vulnerabilities and a directory traversal hole. Insufficient filtering of submitted user names in the action/login.py login script allowed injected JavaScript code to be executed in the victim's browser. The same applied to the action/AttachFile.py file upload script when JavaScript was supplied in the message, pagename and target parameters.

A directory traversal hole was reported to allow attackers to use specially crafted cookies to traverse the data/user/ directory and compromise systems by overwriting files. The flaw occurred in the user.py script when processing certain IDs in the cookie. Only version 1.5.x contained the latter vulnerability. Apart from the updated version 1.6.1, the developers have also made patches for 1.6 and 1.5.x available for download.
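As an added illustration of the two defensive measures the fixes describe (this is example code, not MoinMoin's own), the Python below whitelists a cookie-supplied user ID before it is turned into a path under data/user/ and confines the resolved path to that directory, and escapes a user name before it is echoed into a login page. The ID format (digits and dots) and the directory layout are assumptions.

```python
import html
import os
import re

# Assumed ID format: "<timestamp>.<pid>.<random>", digits and dots only.
USER_ID_RE = re.compile(r"\d+\.\d+(?:\.\d+)?")
# Assumed profile directory; cookie values must never escape it.
USER_DIR = os.path.abspath("data/user")


def valid_user_id(uid):
    """Accept only IDs that match the strict whitelist pattern in full."""
    return isinstance(uid, str) and USER_ID_RE.fullmatch(uid) is not None


def user_profile_path(cookie_uid):
    """Return the profile path for the ID carried in the cookie, or None.

    Two independent checks: the whitelist on the ID itself, then a
    confinement check that the resolved path still lies inside USER_DIR.
    """
    if not valid_user_id(cookie_uid):
        return None
    path = os.path.abspath(os.path.join(USER_DIR, cookie_uid))
    if os.path.commonpath([USER_DIR, path]) != USER_DIR:
        return None
    return path


def render_login_message(name):
    """Escape a user-supplied name before it is placed into HTML output."""
    return "Welcome, %s" % html.escape(name, quote=True)


if __name__ == "__main__":
    # Constructed sample cookie values: one well-formed, two malformed.
    for uid in ("1203455289.12.34567", "../../wikiconfig.py", "12.34\n"):
        print(repr(uid), "->", user_profile_path(uid))
    print(render_login_message('<script>alert("x")</script>'))
```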
See also:
- Security fix: only accept valid user IDs from the cookie, patch by MoinMoin
- XSS fix for login action, patch by MoinMoin
- Fix XSS issues in AttachFile action, patch by MoinMoin
- XSS fix for login action (port from 1.5), patch by MoinMoin
(mba)