MoinMoin Wiki (path traversal vulnerability) | BOT24

MoinMoin Wiki (path traversal vulnerability)

There is a path traversal issue in MoinMoin wiki (version 1.9.3 -
1.9.5). The vulnerability resides in the AttachFile action (function
_do_attachment_move in action/ It fails to properly
sanitize file names.

Details can be found at:

A fix is available at:

kind regards,
Tilmann Haak

//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information

Share on Google Plus

About Bradley Susser

    Blogger Comment
    Facebook Comment


Post a Comment