PT-2020-5775 · Moinmoin+2

Catarina Leite · Published 2020-11-01 · Updated 2022-10-18 · CVE-2020-15275

CVSS v3.1: 8.7 (High)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: MoinMoin Wiki, versions prior to 1.9.11
Description: MoinMoin before 1.9.11 is vulnerable to stored cross-site scripting (XSS) through SVG attachments. SVG is an XML document format that may carry <script> elements, event-handler attributes and javascript: links, and MoinMoin served uploaded SVG files in a way that let such content execute. An attacker with write permission on the wiki can upload an SVG attachment containing JavaScript; when another user opens that attachment in the browser, the script runs in the wiki's origin with the victim's session. As the CVSS vector states, the attacker needs only low privileges (an account that can write), the victim must take an action (open the file), and the impact reaches beyond the wiki into the victim's browser, affecting the confidentiality and integrity of the victim's data and session.
Recommendations: Upgrade to MoinMoin Wiki 1.9.11, which contains the fix. Until the upgrade is possible, restrict write permission (and therefore attachment upload) to trusted users. A Content Security Policy set on the web server can also reduce exposure, but only if it is applied to the responses that deliver attachments and forbids inline script; it is a mitigation, not a substitute for upgrading to a patched version.
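The following Python sketch is an added illustration, not MoinMoin's own code and not the patch shipped in 1.9.11. It shows both sides of the issue described above: a constructed SVG attachment carrying the kinds of active content an attacker would upload, a scan that flags those constructs before the file is accepted, and the response headers a server can attach so that an SVG attachment is downloaded rather than rendered as a document in the wiki's origin. The function names, the sample SVGs and the header policy are assumptions chosen for the example.

```python
"""Added example (not MoinMoin's code, not the 1.9.11 fix): scan an uploaded
SVG for script-capable content and pick response headers that keep an SVG
attachment from executing in the wiki's origin."""
import re
import xml.etree.ElementTree as ET

# Constructed sample attachments for illustration (not from the advisory).
BENIGN_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">
  <rect width="10" height="10" fill="blue"/>
</svg>"""

# Three classic SVG XSS carriers: a <script> element, a javascript: link
# (with an embedded newline, which browsers strip) and an event handler.
MALICIOUS_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink">
  <script>alert(document.cookie)</script>
  <a xlink:href="java&#10;script:alert(1)"><circle r="5"/></a>
  <rect width="10" height="10" onload="alert(2)"/>
</svg>"""

# Elements that can run script or pull in arbitrary HTML; 'handler' is the
# SVG 1.2 Tiny event-handler element.
SCRIPT_CAPABLE_ELEMENTS = {"script", "foreignobject", "handler", "iframe", "embed", "object"}


def _local(name):
    """Strip the '{namespace}' prefix ElementTree puts on tags and attributes."""
    return name.rsplit("}", 1)[-1].lower() if isinstance(name, str) else ""


def _is_javascript_url(value):
    # Browsers remove ASCII tab/newline/CR before parsing the scheme, so
    # 'java\nscript:' still executes; normalise the same way before matching.
    cleaned = re.sub(r"[\t\n\r]", "", value).lstrip().lower()
    return cleaned.startswith("javascript:")


def find_active_content(svg_bytes):
    """Return a list of strings describing script-capable constructs in an SVG.

    An empty list means nothing was found. A denylist like this is a useful
    upload-time check but not a complete defence (e.g. <animate> can rewrite
    href at runtime); the real control is how the file is served, see below.
    """
    try:
        # Stdlib parser; for untrusted input in production prefer defusedxml.
        root = ET.fromstring(svg_bytes)
    except ET.ParseError as exc:
        return [f"unparseable SVG: {exc}"]
    findings = []
    for el in root.iter():
        tag = _local(el.tag)
        if tag in SCRIPT_CAPABLE_ELEMENTS:
            findings.append(f"<{tag}> element")
        for attr, value in el.attrib.items():
            name = _local(attr)  # handles both href and xlink:href
            if name.startswith("on"):
                findings.append(f"event handler '{name}' on <{tag}>")
            elif name == "href" and _is_javascript_url(value):
                findings.append(f"javascript: URL in href on <{tag}>")
    return findings


def attachment_response_headers(filename, content_type):
    """Headers for serving a wiki attachment (an assumed policy, not MoinMoin's)."""
    # Keep the filename safe to embed in a quoted header value.
    safe_name = re.sub(r"[^\w.\-]", "_", filename)
    headers = {"Content-Type": content_type, "X-Content-Type-Options": "nosniff"}
    if content_type.lower().startswith("image/svg"):
        # Direct navigation now downloads the file instead of rendering it as a
        # document in the wiki's origin. <img src="..."> embedding keeps working:
        # browsers ignore Content-Disposition for image subresources, and an SVG
        # loaded through <img> never runs script anyway.
        headers["Content-Disposition"] = f'attachment; filename="{safe_name}"'
        # Defence in depth if the file is rendered regardless: no script, no
        # external loads; inline styles and data: images stay allowed.
        headers["Content-Security-Policy"] = (
            "default-src 'none'; style-src 'unsafe-inline'; img-src 'self' data:"
        )
    else:
        headers["Content-Disposition"] = f'inline; filename="{safe_name}"'
    return headers


if __name__ == "__main__":
    for label, data in (("benign", BENIGN_SVG), ("malicious", MALICIOUS_SVG)):
        print(label, find_active_content(data) or "clean")
    print(attachment_response_headers("logo.svg", "image/svg+xml"))
```

The scan rejects the obviously hostile upload at write time, which matches the advisory's point that the attacker needs write permission; the headers cover the case the scan misses, because an SVG that is never rendered as a top-level document in the wiki's origin cannot read the victim's session.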

Tags: Exploit · Fix · XSS

Weakness Enumeration

Related Identifiers

BDU:2021-01734
CVE-2020-15275
DLA-2446-1
DSA-4787-1
GHSA-4Q96-6XHQ-FF43
OPENSUSE-SU-2020:1966-1
OPENSUSE-SU-2020:1998-1
PYSEC-2020-241
USN-4629-1

Affected Products

Moinmoin
Suse
Ubuntu