Description

Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors.

Remediation

References

CVE-2006-4936

Related Vulnerabilities

WordPress Plugin Ultimate Addons for Beaver Builder Cross-Site Scripting (1.24.3)

WordPress Plugin Easy Justified Gallery Cross-Site Scripting (1.0.8)

Oracle Application Server CVE-2009-0990 Vulnerability (CVE-2009-0990)

Dot CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-15219)

WordPress Plugin cformsII Multiple Cross-Site Scripting Vulnerabilities (14.13.2)

Severity

Critical

Classification

CVE-2006-4936 CWE-20

Tags

Missing Update Known Vulnerabilities