2009-03-30 01:00:00
mitre
PUBLISHED
The rst parser (parser/text_rst.py) in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors.