MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors.Referenceshttp://osvdb.org/36269http://secunia.com/advisories/29262http://secunia.com/advisories/25208https://exchange.xforce.ibmcloud.com/vulnerabilities/34474http://www.ubuntu.com/usn/usn-458-1http://www.debian.org/security/2008/dsa-1514
