Ubuntu Security Notice 925-1 – It was discovered that MoinMoin did not properly sanitize its input when processing Despam actions, resulting in cross-site scripting (XSS) vulnerabilities. If a privileged wiki user were tricked into performing the Despam action on a page with a crafted title, a remote attacker could exploit this to execute JavaScript code. It was discovered that the TextCha protection in MoinMoin could be bypassed by submitting a crafted form request. This issue only affected Ubuntu 8.10.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/88190/USN-925-1.txt
Source: https://packetstormsecurity.com/files/88190/Ubuntu-Security-Notice-925-1.html