Moodle XSS Vulnerability

Moodle XSS Vulnerability 13.07.04 Vendor: Moodle URL: http://moodle.org/ Version: Moodle 1.3.2+, Moodle 1.4 dev Risk: XSS Description: "Moodle is a course management system CMS - a software package designed to help educators create quality online courses." See http://moodle.org/ for a detailed...

Horde IMP IMP_MIME_Viewer_html Class XSS

The remote server is running at least one instance of IMP whose version number is between 3.0 and 3.2.1 inclusive. Such versions are vulnerable to several cross-scripting attacks whereby an attacker can cause a victim to unknowingly run arbitrary JavaScript code simply by reading an HTML message...

DSA-355 gallery - cross-site scripting

Bulletin has no description...

CVE-2002-2101

Microsoft Outlook 2002 allows remote attackers to execute arbitrary JavaScript code, even when scripting is disabled, via an "about:" or "javascript:" URI in the href attribute of an "a" tag...

CGIWrap 2.x3.x - Cross-Site Scripting

CGIWrap 2.x3.x - Cross-Site Scripting source: https://www.securityfocus.com/bid/3081/info CGIWrap is a free, open-source program for running CGI securely. CGIWrap does not filter embedded scripting commands from user-supplied input. A web user may submit a malicious link into any form which...

PT-2000-1070 · Microsoft · Hotmail

Name of the Vulnerable Software and Affected Versions: Hotmail affected versions not specified Description: The issue concerns the improper filtering of JavaScript code from a user's mailbox. This allows a remote attacker to execute JavaScript code by using hexadecimal codes to specify the...

netscape.title.tag.about.txt

Date: Mon, 24 May 1999 14:24:13 +0300 From: Georgi Guninski To: [email protected] Subject: Netscape Communicator JavaScript in security vulnerability There is a security bug in Netscape Communicator 4.6 Win95, 4.07 Linux guess all 4.x versions are affected in the way they treat JavaScript code...