Cross-site scripting (XSS) vulnerability in an unspecified component of Moodle 1.5 allows remote attackers to inject arbitrary web script or HTML via a javascript URI in the SRC attribute of an IMG element. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. NOTE: It is unclear whether this candidate overlaps CVE-2006-4784 or CVE-2006-4941.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2006-12-18T11:00:00Z
Updated: 2024-09-16T19:25:12.976Z
Reserved: 2006-12-17T00:00:00Z
Link: CVE-2006-6626
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2006-12-18T11:28:00.000
Modified: 2008-09-05T21:15:13.097
Link: CVE-2006-6626
Redhat
No data.