Moodle 'PHPCOVERAGE_HOME' Cross Site Scripting Vulnerability Network Vulnerability

Summary

Moodle is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Exploiting this vulnerability may allow an attacker to perform cross- site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie- based authentication credentials and to launch other attacks. Versions prior to Moodle 2.0.1 are vulnerable.

References

http://www.moodle.org
https://www.securityfocus.com/bid/46085

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Archiva Home Page Cross-Site Scripting vulnerability
AMSI 'file' Parameter Directory Traversal Vulnerability
Apache Tomcat SecurityConstraints Security Bypass Vulnerability
Apache Tomcat Information Disclosure Vulnerability
Apache ActiveMQ Source Code Information Disclosure Vulnerability

Take action and discover your vulnerabilities