classes/GoogleSpell.php in the PHP Spellchecker (aka Google Spellchecker) addon prior to 2.0.6.1 for TinyMCE, as used in Moodle 2.1.x prior to 2.1.10, 2.2.x prior to 2.2.7, 2.3.x prior to 2.3.4, and 2.4.x prior to 2.4.1 and other products, does not properly handle control characters, which allows remote malicious users to trigger arbitrary outbound HTTP requests via a crafted string.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tinymce spellchecker php 2.0 |
||
tinymce spellchecker php 2.0.2 |
||
tinymce spellchecker php 2.0.1 |
||
tinymce spellchecker php 2.0.6 |
||
tinymce spellchecker php 2.0.3 |
||
moodle moodle 2.1.0 |
||
moodle moodle 2.1.4 |
||
moodle moodle 2.1.7 |
||
moodle moodle 2.1.8 |
||
moodle moodle 2.1.9 |
||
moodle moodle 2.1.2 |
||
moodle moodle 2.1.1 |
||
moodle moodle 2.1.3 |
||
moodle moodle 2.1.5 |
||
moodle moodle 2.1.6 |
||
moodle moodle 2.2.3 |
||
moodle moodle 2.2.1 |
||
moodle moodle 2.2.4 |
||
moodle moodle 2.2.6 |
||
moodle moodle 2.2.5 |
||
moodle moodle 2.2.0 |
||
moodle moodle 2.2.2 |
||
moodle moodle 2.3.2 |
||
moodle moodle 2.3.1 |
||
moodle moodle 2.3.3 |
||
moodle moodle 2.3.0 |
||
moodle moodle 2.4.0 |