bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/29284.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

7 lines
No EOL
609 B
Text
Raw Blame History

source: http://www.securityfocus.com/bid/21596/info
Moodle is reported prone to multiple input-validation vulnerabilities, including a cross-site scripting issue and an HTML injection issue, because the application fails to properly sanitize user-supplied input data.
The cross-site scripting vulnerability is reported to affect version 1.6.1; the HTML-injection vulnerability affects version 1.5.
http://www.exmple.com/moodle/mod/forum/discuss.php?d=1&parent=2&navtail=<script >alert() < img src=& #106& #97& #118& #97& #115& #99& #114& #105& #112& #116& #58& #97& #108& #101& #114& #116& #40& #41>
Reference in a new issue View git blame Copy permalink