exploitDog

CVE-2009-0500

Опубликовано: 04 фев. 2009

Источник: redhat

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via crafted log table information that is not properly handled when it is displayed in a log report.

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2009-0500

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-79

https://bugzilla.redhat.com/show_bug.cgi?id=484922moodle: XSS vuln due to missing input validation in logs

EPSS

Процентиль: 64%

0.00475

Низкий

Связанные уязвимости

CVE-2009-0500

ubuntu

больше 16 лет назад

Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via crafted log table information that is not properly handled when it is displayed in a log report.

CVE-2009-0500

nvd

больше 16 лет назад

Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via crafted log table information that is not properly handled when it is displayed in a log report.

CVE-2009-0500

debian

больше 16 лет назад

Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1 ...

GHSA-v52c-rjhj-v6hm

github

около 3 лет назад

Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4 allows remote attackers to inject arbitrary web script or HTML via crafted log table information that is not properly handled when it is displayed in a log report.

EPSS

Процентиль: 64%

0.00475

Низкий

Уязвимость CVE-2009-0500