5
CVE-2008-6548
- EPSS 1%
- Veröffentlicht 30.03.2009 01:30:00
- Zuletzt bearbeitet 16.06.2026 23:02:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1% | 0.584 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.
http://moinmo.in/SecurityFixes
http://hg.moinmo.in/moin/1.6/rev/35ff7a9b1546
http://osvdb.org/48877