Description

Cross-site scripting (XSS) vulnerability in help.php in Moodle before 1.3 allows remote attackers to inject arbitrary HTML and web script via the text parameter.

Remediation

References

CVE-2004-1978

Related Vulnerabilities

Phusion Passenger Other Vulnerability (CVE-2014-1831)

WordPress Plugin Google Calendar Events Cross-Site Scripting (2.0.3.1)

Coppermine Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3481)

CakePHP Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2006-4067)

WordPress Plugin Contus HD FLV Player 'process-sortable.php' SQL Injection (1.3)

Severity

Medium

Classification

CVE-2004-1978

Tags

Missing Update Known Vulnerabilities