Description

Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941.

Remediation

References

CVE-2006-6626

Related Vulnerabilities

Squid Improper Input Validation Vulnerability (CVE-2013-1839)

Oracle Database Server CVE-2006-0267 Vulnerability (CVE-2006-0267)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-26266)

EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-3539)

Oracle JRE CVE-2012-0502 Vulnerability (CVE-2012-0502)

Severity

Medium

Classification

CVE-2006-6626

Tags

Missing Update Known Vulnerabilities