Описание
Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitrary web script or HTML via (1) the choose parameter in files/index.php and (2) the sub parameter in doc/index.php.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | 1.8.2-1 |
| edgy | not-affected | 1.6.2-1ubuntu1.1 |
| feisty | not-affected | 1.6.3-2ubuntu1 |
| gutsy | not-affected | 1.8.2-1 |
| hardy | not-affected | 1.8.2-1 |
| intrepid | not-affected | 1.8.2-1 |
| jaunty | not-affected | 1.8.2-1 |
| karmic | not-affected | 1.8.2-1 |
| upstream | released | 1.6.2 |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitrary web script or HTML via (1) the choose parameter in files/index.php and (2) the sub parameter in doc/index.php.
Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1 ...
Multiple cross-site scripting (XSS) vulnerabilities in Moodle before 1.6.2 might allow remote attackers to inject arbitrary web script or HTML via (1) the choose parameter in files/index.php and (2) the sub parameter in doc/index.php.
EPSS
4.3 Medium
CVSS2