EUVD-2010-4675

Malware in sbrugna...

EUVD-2010-4181

Malware in sbrugna...

GHSA-X5HJ-47VV-53P8 YUI Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in io.swf in the IO Utility component in Yahoo! YUI 3.10.2, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows remote attackers to inject arbitrary web script or HTML...

YUI 2.4.0 < 3.0.0 Cross-site Scripting

According to its self-reported version number, YUI is at least 2.4.0 and prior to 3.0.0. Therefore, it may be affected by a cross-site scripting vulnerability via YUI .swf files. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...

Fedora 14 : bugzilla-3.6.3-1.fc14 (2010-17274)

The following security issues have been discovered in Bugzilla : - There is a way to inject both headers and content to users, causing a serious Cross-Site Scripting vulnerability. - It was possible to see graphs from Old Charts even if you did not have access to a particular product, and you cou...

Fedora 14 : moodle-1.9.10-1.fc14 (2010-16764)

Fixes security vulnerability in YUI. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

Cross site scripting

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to charts/assets/charts.swf...