CVE-2020-15275
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-15275
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-15275.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2020-15275
- Aliases
- Related
- Published
- 2020-11-11T16:15:13Z
- Modified
- 2025-01-08T10:28:21.829552Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
MoinMoin is a wiki engine. In MoinMoin before version 1.9.11, an attacker with write permissions can upload an SVG file that contains malicious javascript. This javascript will be executed in a user's browser when the user is viewing that SVG file on the wiki. Users are strongly advised to upgrade to a patched version. MoinMoin Wiki 1.9.11 has the necessary fixes and also contains other important fixes.
- References
Affected packages
Git / github.com/moinwiki/moin-1.9
Affected ranges
- Type
- GIT
- Repo
- https://github.com/moinwiki/moin-1.9
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
1.*
1.5.0
1.5.0beta1
1.5.0beta2
1.5.0beta3
1.5.0beta4
1.5.0beta5
1.5.0beta6
1.5.0rc1
1.5.1
1.5.2
1.5.2rc1
1.5.3
1.5.3-rc1
1.5.3-rc2
1.6a
1.7.0
1.7.0beta1
1.7.0beta2
1.7.0rc1
1.7.0rc2
1.7.0rc3
1.7.1
1.7.2
1.7.3
1.8.0
1.8.0beta1
1.8.0beta2
1.8.0beta3
1.8.0rc1
1.8.1
1.8.2
1.8.3
1.8.4
1.8.5
1.8.6
1.8.7
1.9.0
1.9.0beta1
1.9.0beta2
1.9.0beta3
1.9.0beta4
1.9.0rc1
1.9.0rc2
1.9.1
1.9.10
1.9.2
1.9.3
1.9.4
1.9.5
1.9.6
1.9.7
1.9.8
1.9.9
Other
SOC2006-START
SOC2007-START
SOC2008-END
SOC2008-START