CVE-2008-6548 Information

Description

The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page which allows attackers to read unauthorized include files via unknown vectors.

Reference

http://hg.moinmo.in/moin/1.6/rev/35ff7a9b1546 http://moinmo.in/SecurityFixes http://osvdb.org/48877