Description

Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2011-4280

Related Vulnerabilities

WebLogic CVE-2021-2142 Vulnerability (CVE-2021-2142)

MySQL CVE-2020-14836 Vulnerability (CVE-2020-14836)

WordPress Plugin Backup, Restore and Migrate WordPress Sites With the XCloner Cross-Site Request Forgery (3.1.0)

WordPress Plugin YaySMTP-Simple WP SMTP Mail Cross-Site Scripting (2.2)

WordPress Plugin Insert Pages Multiple Vulnerabilities (3.6.1)

Severity

Medium

Classification

CVE-2011-4280 CWE-707

Tags

Missing Update Known Vulnerabilities