Cross-site scripting (XSS) vulnerability in install.php for Moodle 1.8.3, and possibly other versions prior to 1.8.4, allows remote malicious users to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle |