VRDA Feed : Provides information for vulnerability impact analysis

VRDA Feed by

Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis

[ about VRDA Feed | JPCERT/CC ]

Vulnerability Analysis Result (Revision No : 1)

[ Download XML ]

CVE-2010-2229

moodle: Multiple cross-site scripting (XSS) vulnerabilities...

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2229

Original

Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Translation (Show)

About This Analysis Information

Analysis Information Provider:

NIST NVD

First Published:

2010-06-28

Source Information Category:

Advisory, Alert

Last Updated:

2010-06-29

Affected Product Tags

cpe:/a:moodle:moodle:1.1.1

cpe:/a:moodle:moodle:1.2

cpe:/a:moodle:moodle:1.2.1

cpe:/a:moodle:moodle:1.3

cpe:/a:moodle:moodle:1.3.1

cpe:/a:moodle:moodle:1.3.2

cpe:/a:moodle:moodle:1.3.3

cpe:/a:moodle:moodle:1.3.4

cpe:/a:moodle:moodle:1.4.1

cpe:/a:moodle:moodle:1.4.2

cpe:/a:moodle:moodle:1.4.3

cpe:/a:moodle:moodle:1.4.4

cpe:/a:moodle:moodle:1.4.5

cpe:/a:moodle:moodle:1.5

cpe:/a:moodle:moodle:1.5.1

cpe:/a:moodle:moodle:1.5.2

cpe:/a:moodle:moodle:1.5.3

cpe:/a:moodle:moodle:1.5:beta

cpe:/a:moodle:moodle:1.6

cpe:/a:moodle:moodle:1.6.1

cpe:/a:moodle:moodle:1.6.2

cpe:/a:moodle:moodle:1.6.3

cpe:/a:moodle:moodle:1.6.4

cpe:/a:moodle:moodle:1.6.5

cpe:/a:moodle:moodle:1.6.6

cpe:/a:moodle:moodle:1.6.7

cpe:/a:moodle:moodle:1.6.8

cpe:/a:moodle:moodle:1.7

cpe:/a:moodle:moodle:1.7.1

cpe:/a:moodle:moodle:1.7.2

cpe:/a:moodle:moodle:1.7.3

cpe:/a:moodle:moodle:1.7.4

cpe:/a:moodle:moodle:1.7.5

cpe:/a:moodle:moodle:1.7.6

cpe:/a:moodle:moodle:1.8

cpe:/a:moodle:moodle:1.8.1

cpe:/a:moodle:moodle:1.8.10

cpe:/a:moodle:moodle:1.8.11

cpe:/a:moodle:moodle:1.8.12 and previous versions

cpe:/a:moodle:moodle:1.8.2

cpe:/a:moodle:moodle:1.8.3

cpe:/a:moodle:moodle:1.8.4

cpe:/a:moodle:moodle:1.8.5

cpe:/a:moodle:moodle:1.8.6

cpe:/a:moodle:moodle:1.8.7

cpe:/a:moodle:moodle:1.8.8

cpe:/a:moodle:moodle:1.8.9

cpe:/a:moodle:moodle:1.9

cpe:/a:moodle:moodle:1.9.1

cpe:/a:moodle:moodle:1.9.2

cpe:/a:moodle:moodle:1.9.3

cpe:/a:moodle:moodle:1.9.4

cpe:/a:moodle:moodle:1.9.5

cpe:/a:moodle:moodle:1.9.6

cpe:/a:moodle:moodle:1.9.7

cpe:/a:moodle:moodle:1.9.8

Vulnerability Analysis Results

[Access Vector] ^[?]

Undefined^[?]

Local^[?]

Adjacent Network^[?]

Network^[?]

[Access Complexit] ^[?]

Undefined^[?]

High^[?]

Medium^[?]

Low^[?]

[Authentication] ^[?]

Undefined^[?]

Multiple^[?]

Single^[?]

None^[?]

[Confidentiality Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Integrity Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

[Availability Impact] ^[?]

Undefined^[?]

None^[?]

Partial^[?]

Complete^[?]

Alternatives

References

CONFIRM http://cvs.moodle.org/moodle/blog/lib.php?r1=1.80.2.20&r2=1.80.2.21

CONFIRM http://cvs.moodle.org/moodle/blog/lib.php?r1=1.62.2.9&r2=1.62.2.10

CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=605809

CONFIRM http://tracker.moodle.org/browse/MDL-22631

CONFIRM http://moodle.org/mod/forum/discuss.php?d=152367

CONFIRM http://docs.moodle.org/en/Moodle_1.9.9_release_notes

CONFIRM http://docs.moodle.org/en/Moodle_1.8.13_release_notes

FEDORA FEDORA-2010-10321

FEDORA FEDORA-2010-10291

FEDORA FEDORA-2010-10286

MLIST [oss-security] 20100621 Re: CVE request: moodle 1.9.9/1.8.13 multiple vulnerabilities

SECUNIA 40352

SECUNIA 40248

VUPEN ADV-2010-1530

VUPEN ADV-2010-1571

Vulnerability Type Cross-Site Scripting (XSS) (CWE-79)