The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
GHSA-jhxw-4hw4-mhh7 | MoinMoin improper access control on the included page for the rst parser |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-16T19:14:37.149Z
Reserved: 2009-03-29T00:00:00Z
Link: CVE-2008-6548

No data.

Status : Deferred
Published: 2009-03-30T01:30:00.500
Modified: 2025-04-09T00:30:58.490
Link: CVE-2008-6548

No data.

No data.