Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle 1.6.x prior to 1.6.7 and 1.7.x prior to 1.7.5 allows remote malicious users to inject arbitrary web script or HTML via the etitle parameter (blog entry title).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
moodle moodle 1.6.0 |
||
moodle moodle 1.6.1 |
||
moodle moodle 1.6.2 |
||
moodle moodle 1.7.2 |
||
moodle moodle 1.7.3 |
||
moodle moodle 1.6.3 |
||
moodle moodle 1.6.4 |
||
moodle moodle 1.7.4 |
||
moodle moodle 1.6.5 |
||
moodle moodle 1.6.6 |
||
moodle moodle 1.7.1 |