Description

Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username.

Remediation

References

CVE-2010-2228

Related Vulnerabilities

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-11809)

phpMyFAQ Improper Privilege Management Vulnerability (CVE-2023-1762)

WordPress Plugin Recipe Card Blocks for Gutenberg & Elementor Cross-Site Scripting (2.8.0)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1455)

WordPress Plugin MX Time Zone Clocks Cross-Site Scripting (3.4)

Severity

Medium

Classification

CVE-2010-2228 CWE-707

Tags

Missing Update Known Vulnerabilities