Description

Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7, and 1.9 before 1.9.3 allows remote attackers to inject arbitrary web script or HTML via a Wiki page name (aka page title).

Remediation

References

CVE-2008-5432

Related Vulnerabilities

Python Resource Management Errors Vulnerability (CVE-2013-2099)

WordPress Plugin WPCS-WordPress Currency Switcher Cross-Site Request Forgery (1.1.6)

Oracle JRE Cryptographic Issues Vulnerability (CVE-2012-5373)

WordPress Plugin VideoWhisper Video Presentation Arbitrary File Upload (3.31.17)

Joomla! Core 2.5.x Denial of Service (2.5.0 - 2.5.9)

Severity

Medium

Classification

CVE-2008-5432 CWE-707

Tags

Missing Update Known Vulnerabilities