Description

Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2011-4280

Related Vulnerabilities

PHP-Fusion URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-23182)

WordPress Plugin Metform Elementor Contact Form Builder-Flexible and Design-Friendly Contact Form builder for WordPress Cross-Site Scripting (3.1.2)

Liferay Portal CVE-2020-15841 Vulnerability (CVE-2020-15841)

WordPress Plugin CAPTCHA in Thai Multiple Cross-Site Scripting Vulnerabilities (1.1)

CakePHP Improper Input Validation Vulnerability (CVE-2010-4335)

Severity

Medium

Classification

CVE-2011-4280 CWE-707

Tags

Missing Update Known Vulnerabilities