oss-sec mailing list archives
Re: CVE request: moodle xss in < 1.8.5
From: Nico Golde <oss-security+ml () ngolde de>
Date: Tue, 8 Jul 2008 18:10:37 +0200
Hi Hanno, * Hanno Böck <hanno () hboeck de> [2008-07-08 13:29]:
Am Sonntag 06 Juli 2008 schrieb Nico Golde:* Hanno Böck <hanno () hboeck de> [2008-07-06 19:04]:http://docs.moodle.org/en/Release_Notes#Moodle_1.8.5 * KSES related XSS security vulnerability fixedThis should be CVE-2008-1502:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1502 is about egroupware. I found no cve related to moodle 1.8.4.
Yes, this should get updated, I sent a request to update this together with more information to vendor-sec. Cheers Nico -- Nico Golde - http://www.ngolde.de - nion () jabber ccc de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
Attachment:
_bin
Description:
Current thread:
- CVE request: moodle xss in < 1.8.5 Hanno Böck (Jul 06)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 06)
- Re: CVE request: moodle xss in < 1.8.5 Hanno Böck (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Steven M. Christey (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 11)
- Re: CVE request: moodle xss in < 1.8.5 Hanno Böck (Jul 08)
- Re: CVE request: moodle xss in < 1.8.5 Nico Golde (Jul 06)