PublicDate: 2008-01-12 01:46:00 UTC
Candidate: CVE-2008-0123
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0123
Description:
 Cross-site scripting (XSS) vulnerability in install.php for Moodle 1.8.3,
 and possibly other versions before 1.8.4, allows remote attackers to inject
 arbitrary web script or HTML via the dbname parameter.  NOTE: this issue
 only exists until the installation is complete.
Ubuntu-Description:
Notes:
Bugs:
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_moodle:
 upstream: http://cvs.moodle.org/moodle/install.php?r1=1.65.2.9&r2=1.65.2.10
upstream_moodle: released (1.8.4)
dapper_moodle: ignored (installer only configured for localhost access)
edgy_moodle: ignored (installer only configured for localhost access)
feisty_moodle: needed (reached end-of-life)
gutsy_moodle: ignored (installer only configured for localhost access)
hardy_moodle: ignored (installer only configured for localhost access)
devel_moodle: ignored (installer only configured for localhost access)