{"id":"CVE-2009-0312","details":"Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content.","aliases":["GHSA-cx94-3h5x-cc57"],"modified":"2024-05-14T20:59:08.819800Z","published":"2009-01-28T01:30:03Z","withdrawn":"2024-06-30T13:40:11.771476Z","references":[{"type":"ADVISORY","url":"http://moinmo.in/SecurityFixes#moin1.8.1"},{"type":"ADVISORY","url":"http://secunia.com/advisories/33716"},{"type":"ADVISORY","url":"http://secunia.com/advisories/33755"},{"type":"ADVISORY","url":"https://www.debian.org/security/2009/dsa-1715"},{"type":"WEB","url":"http://hg.moinmo.in/moin/1.7/rev/89b91bf87dad"},{"type":"WEB","url":"http://hg.moinmo.in/moin/1.8/rev/89b91bf87dad"},{"type":"WEB","url":"http://osvdb.org/51632"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2009/01/27/4"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/48306"},{"type":"WEB","url":"https://usn.ubuntu.com/716-1/"}],"affected":[{"package":{"name":"moin","ecosystem":"Debian:10","purl":"pkg:deb/debian/moin?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.1-1.1"}]}],"ecosystem_specific":{"urgency":"low"},"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2009-0312.json"}}],"schema_version":"1.7.3"}