Description

Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via a wiki comment.

Remediation

References

CVE-2011-4299

Related Vulnerabilities

SugarCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-17313)

WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5731)

WordPress Plugin Responsive Lightbox by dFactory Cross-Site Scripting (1.7.1)

LimeSurvey Other Vulnerability (CVE-2014-5018)

Oracle Application Server CVE-2006-0273 Vulnerability (CVE-2006-0273)

Severity

Medium

Classification

CVE-2011-4299 CWE-707

Tags

Missing Update Known Vulnerabilities