CVE-2009-0500 (retired)

Priority
Description
Cross-site scripting (XSS) vulnerability in course/lib.php in Moodle 1.6
before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4
allows remote attackers to inject arbitrary web script or HTML via crafted
log table information that is not properly handled when it is displayed in
a log report.
Package
Upstream:released (1.9.4)
More Information

Updated: 2019-03-26 11:47:07 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)