Description

Cross-site scripting (XSS) vulnerability in the print_object function in lib/datalib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3, when a developer debugging script is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors involving object states.

Remediation

References

CVE-2011-4591

Related Vulnerabilities

WebLogic CVE-2019-2856 Vulnerability (CVE-2019-2856)

MediaWiki Other Vulnerability (CVE-2005-3166)

WordPress Plugin Advanced Custom Fields PRO Cross-Site Scripting (6.1.5)

MySQL CVE-2018-2839 Vulnerability (CVE-2018-2839)

WordPress Plugin External Media Arbitrary File Upload (1.0.33)

Severity

Medium

Classification

CVE-2011-4591 CWE-707

Tags

Missing Update Known Vulnerabilities