MoinMoin MOIN_ID Cookie Remote Input Validation Vulnerability

MoinMoin MOIN_ID Cookie Remote Input Validation Vulnerability

MoinMoin is prone to an input-validation vulnerability because it fails to properly sanitize user-supplied cookie data.

An attacker can exploit this issue to gain unauthorized access to the affected application, which may lead to further attacks.

Versions in the MoinMoin 1.5 series are vulnerable.

UPDATE: The 'quicklinks' parameter may be used to insert PHP code into writable files in conjunction with this issue. Attackers could potentially inject executable script code into writable PHP files located outside of the MoinMoin installation.