Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Tue, 24 Jan 2012 21:07:03 +0100
From: Nicolas Grégoire <>
Subject: XSLT issue in MoinMoin


some vulnerabilities have been published with version 1.9.3 of
MoinMoin :

The XSS already has a CVE but not the XSLT issue. This issue is very
similar to CVE-2012-0057 patched in PHP 5.3.9 (except the XSLT engine
which is here '4Suite').

The patch is simply a documentation update, given that 4Suite (afaik)
doesn't allow to desactivate its extensions :

Nicolas Grégoire

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ