CVE-2007-0857
MoinMoin Multiple cross-site scripting (XSS) vulnerabilities
EPSS 1.2%
Description
Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin before 1.5.7 allow remote attackers to inject arbitrary web script or HTML via (1) the page info, or the page name in a (2) AttachFile, (3) RenamePage, or (4) LocalSiteMap action.
How to fix CVE-2007-0857
To remediate CVE-2007-0857, upgrade the affected package to a fixed version below.
- Debian/moin—upgrade to 1.5.3-1.2 or later
- PyPI/moin—upgrade to 1.5.7 or later
Is CVE-2007-0857 being exploited?
Low — EPSS is 1.2%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 1.5.3-1.2
- from 0, < 1.5.7