First published: Mon Jul 23 2012(Updated: )
Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the idnumber field. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2365.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | =2.0.0 | |
Moodle Moodle | =2.0.1 | |
Moodle Moodle | =2.0.2 | |
Moodle Moodle | =2.0.3 | |
Moodle Moodle | =2.0.4 | |
Moodle Moodle | =2.0.5 | |
Moodle Moodle | =2.0.6 | |
Moodle Moodle | =2.0.7 | |
Moodle Moodle | =2.0.8 | |
Moodle Moodle | =2.0.9 | |
Moodle Moodle | =2.1.0 | |
Moodle Moodle | =2.1.1 | |
Moodle Moodle | =2.1.2 | |
Moodle Moodle | =2.1.3 | |
Moodle Moodle | =2.1.4 | |
Moodle Moodle | =2.1.5 | |
Moodle Moodle | =2.1.6 | |
Moodle Moodle | =2.2.0 | |
Moodle Moodle | =2.2.1 | |
Moodle Moodle | =2.2.2 | |
Moodle Moodle | =2.2.3 | |
Moodle Moodle | =2.3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.