GHSA-7jrp-r6jx-32cw
Suggest an improvement- Source
- https://github.com/advisories/GHSA-7jrp-r6jx-32cw
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-7jrp-r6jx-32cw/GHSA-7jrp-r6jx-32cw.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-7jrp-r6jx-32cw
- Aliases
-
- CVE-2004-0708
- Published
- 2022-04-29T02:58:13Z
- Modified
- 2024-05-09T16:41:46.000665Z
- Summary
- MoinMoin allows administrative access
- Details
-
MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges.
- Database specific
{ "nvd_published_at": "2004-07-27T04:00:00Z", "cwe_ids": [], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2024-05-09T16:04:59Z" }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2004-0708
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16465
- http://secunia.com/advisories/11807
- http://sourceforge.net/tracker/index.php?func=detail&aid=948103&group_id=8482&atid=108482
- http://www.gentoo.org/security/en/glsa/glsa-200407-09.xml
- http://www.osvdb.org/6704
- http://www.securityfocus.com/bid/10568
Affected packages
PyPI / moin
Package
- Name
- moin
- View open source insights on deps.dev
- Purl
- pkg:pypi/moin