CVE-2011-4278

Priority
Medium
Description
Cross-site scripting (XSS) vulnerability in the tag autocomplete
functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows
remote attackers to inject arbitrary web script or HTML via unspecified
vectors.
References
Package
Upstream:needs-triage
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):not-affected
Ubuntu 12.10 (Quantal Quetzal):not-affected
Ubuntu 13.04 (Raring Ringtail):not-affected
Ubuntu 13.10 (Saucy Salamander):not-affected
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
More Information

Valid XHTML 1.0 Strict

Updated: 2013-12-20 21:16:49 UTC (commit 7585)