Description

Cross-site scripting (XSS) vulnerability in claroline/linker/notfound.php in Claroline 1.8.11 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header.

Remediation

References

CVE-2009-1907

Related Vulnerabilities

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker Unspecified Vulnerability (6.3.5)

phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2016-5734)

Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2021-30639)

WordPress Plugin Newsletter-Send awesome emails from WordPress SQL Injection (3.0.8)

MySQL CVE-2012-0487 Vulnerability (CVE-2012-0487)

Severity

Medium

Classification

CVE-2009-1907 CWE-707

Tags

Missing Update Known Vulnerabilities