Description

Multiple cross-site scripting (XSS) vulnerabilities in lib/weblib.php in Moodle 1.9.x before 1.9.12 allow remote attackers to inject arbitrary web script or HTML via vectors related to URL encoding.

Remediation

References

CVE-2011-4290

Related Vulnerabilities

Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31042)

Contao Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-4383)

WordPress Plugin Floating Tweets Multiple Vulnerabilities (1.0.1)

ReviveAdserver Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-22875)

WordPress CVE-2012-2399 Vulnerability (CVE-2012-2399)

Severity

Medium

Classification

CVE-2011-4290 CWE-707

Tags

Missing Update Known Vulnerabilities