PT-2012-1834 · Moodle · Moodle

Publicado

2012-07-16

·

Atualizado

2022-05-13

·

CVE-2011-4286

CVSS v2.0

4.3

Média

VetorAV:N/AC:M/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions Moodle versions 1.9.x through 1.9.10 Moodle versions 2.0.x through 2.0.1
Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities in the media-filter implementation. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via specific vectors, including Flash Video (FLV) files and YouTube videos.
Recommendations For Moodle versions 1.9.x through 1.9.10, update to version 1.9.11 or later. For Moodle versions 2.0.x through 2.0.1, update to version 2.0.2 or later.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2011-4286
DSA-2262-1
GHSA-86V9-GQH9-8268

Produtos afetados

Moodle