Description

Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter.

Remediation

References

CVE-2004-0725

Related Vulnerabilities

phpMyAdmin Other Vulnerability (CVE-2004-2632)

WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors Cross-Site Request Forgery (3.0.8)

Joomla Improper Input Validation Vulnerability (CVE-2016-8869)

WordPress Plugin Mass Pages/Posts Creator Cross-Site Scripting (1.2.2)

Dotclear Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2016-9268)

Severity

Medium

Classification

CVE-2004-0725

Tags

Missing Update Known Vulnerabilities