Description
Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941.
Remediation
References
Related Vulnerabilities
WordPress Plugin Gallery by BestWebSoft 'php.php' Arbitrary File Upload (3.06)
WordPress Plugin YITH Color and Label Variations for WooCommerce Security Bypass (1.8.11)
WordPress Plugin uContext for Amazon Cross-Site Request Forgery (3.9.1)
WordPress Plugin Automated Content for Real Estate Multiple Unspecified Vulnerabilities (5.4.2)