CVE-2010-1619

2010-04-2921:30:00

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.002

Percentile

56.9%

JSON

Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via crafted HTML entities.

Affected configurations

Nvd

Node

moodlemoodleMatch1.8.1

moodlemoodleMatch1.8.2

moodlemoodleMatch1.8.3

moodlemoodleMatch1.8.4

moodlemoodleMatch1.8.5

moodlemoodleMatch1.8.6

moodlemoodleMatch1.8.7

moodlemoodleMatch1.8.8

moodlemoodleMatch1.8.9

moodlemoodleMatch1.8.10

moodlemoodleMatch1.8.11

moodlemoodleMatch1.9.1

moodlemoodleMatch1.9.2

moodlemoodleMatch1.9.3

moodlemoodleMatch1.9.4

moodlemoodleMatch1.9.5

moodlemoodleMatch1.9.6

moodlemoodleMatch1.9.7

VendorProductVersionCPE
moodlemoodle1.8.1cpe:2.3:a:moodle:moodle:1.8.1:*:*:*:*:*:*:*
moodlemoodle1.8.2cpe:2.3:a:moodle:moodle:1.8.2:*:*:*:*:*:*:*
moodlemoodle1.8.3cpe:2.3:a:moodle:moodle:1.8.3:*:*:*:*:*:*:*
moodlemoodle1.8.4cpe:2.3:a:moodle:moodle:1.8.4:*:*:*:*:*:*:*
moodlemoodle1.8.5cpe:2.3:a:moodle:moodle:1.8.5:*:*:*:*:*:*:*
moodlemoodle1.8.6cpe:2.3:a:moodle:moodle:1.8.6:*:*:*:*:*:*:*
moodlemoodle1.8.7cpe:2.3:a:moodle:moodle:1.8.7:*:*:*:*:*:*:*
moodlemoodle1.8.8cpe:2.3:a:moodle:moodle:1.8.8:*:*:*:*:*:*:*
moodlemoodle1.8.9cpe:2.3:a:moodle:moodle:1.8.9:*:*:*:*:*:*:*
moodlemoodle1.8.10cpe:2.3:a:moodle:moodle:1.8.10:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
moodle	moodle	1.8.1	cpe:2.3:a:moodle:moodle:1.8.1:::::::*
moodle	moodle	1.8.2	cpe:2.3:a:moodle:moodle:1.8.2:::::::*
moodle	moodle	1.8.3	cpe:2.3:a:moodle:moodle:1.8.3:::::::*
moodle	moodle	1.8.4	cpe:2.3:a:moodle:moodle:1.8.4:::::::*
moodle	moodle	1.8.5	cpe:2.3:a:moodle:moodle:1.8.5:::::::*
moodle	moodle	1.8.6	cpe:2.3:a:moodle:moodle:1.8.6:::::::*
moodle	moodle	1.8.7	cpe:2.3:a:moodle:moodle:1.8.7:::::::*
moodle	moodle	1.8.8	cpe:2.3:a:moodle:moodle:1.8.8:::::::*
moodle	moodle	1.8.9	cpe:2.3:a:moodle:moodle:1.8.9:::::::*
moodle	moodle	1.8.10	cpe:2.3:a:moodle:moodle:1.8.10:::::::*