Multiple cross-site scripting (XSS) vulnerabilities in action/AttachFile.py in MoinMoin 1.5.8 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) message, (2) pagename, and (3) target filenames.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| moin(PyPI) | 0 | N/A | N/A |
CVSS Metrics
