Description
Some input string are not quoted properly. This can be used for cross site scripting (XSS).
Ask FlorianFesti for details.
Additionally, some parsers might reveal user's original input.
Ask AlexanderSchremmer for details.
Details
MoinMoin Version |
1.1 - 1.3 |
Workaround
Plan
- Priority: HIGH
- Assigned to:
Status: Fixed in moin--main--1.3/patch-490, moin--main--1.3/patch-520