CVE-2008-6603

MoinMoin Access Restrictions Bypassed due to improper ACL enforcement in pypi/moin

Identifiers

GHSA-wc8w-gh5m-62fv, CVE-2008-6603

Package Slug

pypi/moin

Vulnerability

MoinMoin Access Restrictions Bypassed due to improper ACL enforcement

Description

MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when acl_hierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937.

Affected Versions

All versions before 1.6.3, version 1.7

Solution

Upgrade to versions 1.6.3, 1.7.1 or above.

Last Modified

2024-02-12

source