CVE-2007-3555

Published: Jul 4, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1 allows remote attackers to inject arbitrary web script or HTML via a style expression in the search parameter, a different vulnerability than CVE-2004-1424.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://tracker.moodle.org/browse/MDL-10341

x_refsource_CONFIRM

36366

vdb-entry

x_refsource_OSVDB

25929

third-party-advisory

x_refsource_SECUNIA

http://tracker.moodle.org/secure/IssueNavigator.jspa?mode=hide&requestId=10252

x_refsource_CONFIRM

moodle-search-xss(35239)

vdb-entry

x_refsource_XF

20070703 Moodle XSS / Liesbeth base CMS sensitive information disclosure

mailing-list

x_refsource_BUGTRAQ

2857

third-party-advisory

x_refsource_SREASON

24748

vdb-entry

x_refsource_BID

http://securityvulns.ru/Rdocument391.html

x_refsource_MISC

1018333

vdb-entry

x_refsource_SECTRACK

DSA-1691

vendor-advisory

x_refsource_DEBIAN

http://websecurity.com.ua/1045/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-3555

Description

Affected Products

References