Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote malicious users to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 1.5 |
||
moodle moodle 1.5.1 |
||
moodle moodle 1.5.3 |
||
moodle moodle 1.5.2 |
||
moodle moodle 1.6.1 |