Description

Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.6.1 and earlier might allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) doc/index.php or (2) files/index.php.

Remediation

References

CVE-2006-4784

Related Vulnerabilities

WordPress Plugin WP Ad Guru Lite Cross-Site Scripting (1.6.0)

WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.3.20)

WordPress Plugin Twitter Button by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (2.36)

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-3736)

Joomla Inadequate Encryption Strength Vulnerability (CVE-2021-23126)

Severity

Medium

Classification

CVE-2006-4784

Tags

Missing Update Known Vulnerabilities