CVE-2011-4278
Priority
Medium
Description
Cross-site scripting (XSS) vulnerability in the tag autocomplete
functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows
remote attackers to inject arbitrary web script or HTML via unspecified
vectors.
functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows
remote attackers to inject arbitrary web script or HTML via unspecified
vectors.
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needed |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (1.9.9.dfsg2-3) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected |
| Ubuntu 13.04 (Raring Ringtail): | not-affected |