Lucene search
Ubuntu.comUB:CVE-2010-1619HistoryApr 29, 2010 - 12:00 a.m.
CVE-2010-1619
2010-04-2900:00:00
ubuntu.com
ubuntu.com
9
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
56.9%
Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities
function in the KSES HTML text cleaning library (weblib.php), as used in
Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers
to inject arbitrary web script or HTML via crafted HTML entities.
Notes
| Author | Note |
|---|---|
| kees | MSA-10-0001 http://tracker.moodle.org/browse/MDL-21026 |
Related
prion
prion
Cross site scripting
2010-04-29 21:30:00
debiancve
debiancve
CVE-2010-1619
2010-04-29 21:30:00
nvd
nvd
CVE-2010-1619
2010-04-29 21:30:00
cvelist
cvelist
CVE-2010-1619
2010-04-29 21:00:00
cve
cve
CVE-2010-1619
2010-04-29 21:30:00
openvas
openvas
Moodle Multiple Vulnerabilities
2010-05-19 00:00:00
Moodle Multiple Vulnerabilities
2010-05-19 00:00:00
Moodle 1.8.x < 1.8.12, 1.9.x < 1.9.8 Multiple Vulnerabilities
2010-04-12 00:00:00
nessus
nessus
openSUSE Security Update : moodle (openSUSE-SU-2010:0212-1)
2010-05-05 00:00:00
openSUSE Security Update : moodle (openSUSE-SU-2010:0212-1)
2010-05-05 00:00:00
Debian DSA-2115-1 : moodle - several vulnerabilities
2010-10-06 00:00:00
debian
debian
[SECURITY] [DSA-2115-2] New moodle packages fix several vulnerabilities
2010-10-11 05:18:06
[SECURITY] [DSA-2115-1] New moodle packages fix several vulnerabilities
2010-09-29 21:04:56
osv
osv
moodle - several vulnerabilities
2010-09-29 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.002
Percentile
56.9%
Related for UB:CVE-2010-1619