2 matches found
CVE-2013-4941
Cross-site scripting XSS vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows remote attackers to inject arbitrary we...
CVE-2013-4941
CVE-2013-4941 describes a Cross-site scripting (XSS) vulnerability in uploader.swf (Uploader component) of Yahoo! YUI 3.2.0–3.9.1, which is used in Moodle up to specific versions. The flaw allows remote attackers to inject arbitrary web script or HTML via a crafted string in a URL. The affected s...