|Main Archive Page > Month Archives > oss-security archives|
I just ran across this ID from MITRE:
MoinMoin 1.7.1 allows remote attackers to bypass the textcha
protection mechanism by modifying the textcha-question and
textcha-answer fields to have empty values.
The only data I can find on this is from the Debian DSA, and the
information is quite slim. Can someone shed more light on this flaw?