FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  375358
Date:      2014-12-23
Time:      21:24:55Z
Committer: rea

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
4c017345-1d89-11e0-bbee-0014a5e3cda6MoinMoin -- cross-site scripting vulnerabilities

The MoinMoin developers reports:

Fix XSS in Despam action (CVE-2010-0828)

Fix XSS issues

  • by escaping template name in messages
  • by fixing other places that had similar issues

Discovery 2010-04-05
Entry 2011-01-11
moinmoin
lt 1.9.3

39110
CVE-2010-0828
http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES
http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg
4a8a98ab-f745-11e1-8bd8-0022156e8794moinmoin -- cross-site scripting via RST parser

MITRE CVE team reports:

Cross-site scripting (XSS) vulnerability in the reStructuredText (rst) parser in parser/text_rst.py in MoinMoin before 1.9.4, when docutils is installed or when "format rst" is set, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the refuri attribute.


Discovery 2011-02-21
Entry 2012-09-05
moinmoin
lt 1.9.4

46476
CVE-2011-1058
http://moinmo.in/SecurityFixes
4c017345-1d89-11e0-bbee-0014a5e3cda6MoinMoin -- cross-site scripting vulnerabilities

The MoinMoin developers reports:

Fix XSS in Despam action (CVE-2010-0828)

Fix XSS issues

  • by escaping template name in messages
  • by fixing other places that had similar issues

Discovery 2010-04-05
Entry 2011-01-11
moinmoin
lt 1.9.3

39110
CVE-2010-0828
http://hg.moinmo.in/moin/1.9/raw-file/1.9.3/docs/CHANGES
http://moinmo.in/MoinMoinBugs/1.9.2UnescapedInputForThemeAddMsg