Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin 1.8.7 and 1.9.2 allows remote authenticated users to inject arbitrary web script or HTML by creating a page with a crafted URI.
https://exchange.xforce.ibmcloud.com/vulnerabilities/57435
http://www.vupen.com/english/advisories/2010/0834
http://www.vupen.com/english/advisories/2010/0831
http://www.vupen.com/english/advisories/2010/0767
http://www.ubuntu.com/usn/USN-925-1
http://www.securityfocus.com/bid/39110
http://www.debian.org/security/2010/dsa-2024
http://secunia.com/advisories/39284
http://secunia.com/advisories/39267
http://secunia.com/advisories/39190
http://secunia.com/advisories/39188
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038706.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038574.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038490.html