Description
Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941.
Remediation
References
Related Vulnerabilities
Moodle Improper Encoding or Escaping of Output Vulnerability (CVE-2021-40694)
WordPress Plugin User Role by BestWebSoft Cross-Site Scripting (1.4.1)
phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-8226)
Oracle JRE CVE-2022-21541 Vulnerability (CVE-2022-21541)
Oracle Application Server Other Vulnerability (CVE-2007-2130)