Moderate severityNVD Advisory· Published Jan 28, 2009· Updated Apr 23, 2026
CVE-2009-0312
CVE-2009-0312
Description
Cross-site scripting (XSS) vulnerability in the antispam feature (security/antispam.py) in MoinMoin 1.7 and 1.8.1 allows remote attackers to inject arbitrary web script or HTML via crafted, disallowed content.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moinPyPI | < 1.8.2 | 1.8.2 |
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
16- moinmo.in/SecurityFixesnvdVendor AdvisoryWEB
- github.com/advisories/GHSA-cx94-3h5x-cc57ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2009-0312ghsaADVISORY
- osvdb.org/51632nvdWEB
- secunia.com/advisories/33716nvdWEB
- secunia.com/advisories/33755nvdWEB
- www.openwall.com/lists/oss-security/2009/01/27/4nvdWEB
- exchange.xforce.ibmcloud.com/vulnerabilities/48306nvdWEB
- usn.ubuntu.com/716-1ghsaWEB
- web.archive.org/web/20090323075215/http://hg.moinmo.in/moin/1.8/raw-file/1.8.2/docs/CHANGESghsaWEB
- web.archive.org/web/20100825000634/http://hg.moinmo.in/moin/1.7/rev/89b91bf87dadghsaWEB
- web.archive.org/web/20200228151935/http://hg.moinmo.in/moin/1.8/rev/89b91bf87dadghsaWEB
- www.debian.org/security/2009/dsa-1715nvdWEB
- hg.moinmo.in/moin/1.7/rev/89b91bf87dadnvd
- hg.moinmo.in/moin/1.8/rev/89b91bf87dadnvd
- usn.ubuntu.com/716-1/nvd
News mentions
0No linked articles in our index yet.