CVE-2010-2229

Published: 28 June 2010

Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Priority

Low

Status

Package Release Status
moodle
Launchpad, Ubuntu, Debian
Upstream
Released (1.9.9)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(1.9.9.dfsg2-2)