PYSEC-2010-13

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/moin/PYSEC-2010-13.yaml
JSON Data
https://api.test.osv.dev/v1/vulns/PYSEC-2010-13
Aliases
Published
2010-03-29T20:30:00Z
Modified
2024-04-29T15:26:38.859396Z
Summary
[none]
Details

MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603.

References

Affected packages

PyPI / moin

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
1.7
Fixed
1.7.3
Introduced
1.8
Fixed
1.8.3