Moderate severityNVD Advisory· Published Feb 13, 2007· Updated Apr 23, 2026

CVE-2007-0901

Description

Multiple cross-site scripting (XSS) vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) hitcounts and (2) general parameters, different vectors than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
MoinPyPI	< 1.5.8	1.5.8

Affected products

Moinmoin/Moinmoin
cpe:2.3:a:moinmoin:moinmoin:1.5.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/24138nvdVendor Advisory
github.com/advisories/GHSA-9gj2-ph57-56f5ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2007-0901ghsaADVISORY
www.ubuntu.com/usn/usn-423-1nvdWEB
moinmo.in/MoinMoinRelease1.5/CHANGESghsaWEB
web.archive.org/web/20070214032031/http://secunia.com/advisories/24138ghsaWEB
web.archive.org/web/20070227204439/http://secunia.com/advisories/24244ghsaWEB
web.archive.org/web/20080516214454/http://www.securityfocus.com/bid/22515ghsaWEB
osvdb.org/33172nvd
secunia.com/advisories/24244nvd
www.securityfocus.com/bid/22515nvd

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000