Vulnerability Details CVE-2010-2229
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://cvs.moodle.org/moodle/blog/lib.php?r1=1.62.2.9&r2=1.62.2.10
- http://cvs.moodle.org/moodle/blog/lib.php?r1=1.80.2.20&r2=1.80.2.21
- http://docs.moodle.org/en/Moodle_1.8.13_release_notes
- http://docs.moodle.org/en/Moodle_1.9.9_release_notes
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043285.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043291.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043340.html
- http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
- http://moodle.org/mod/forum/discuss.php?d=152367
- http://secunia.com/advisories/40248
- http://secunia.com/advisories/40352
- http://tracker.moodle.org/browse/MDL-22631
- http://www.openwall.com/lists/oss-security/2010/06/21/2
- http://www.vupen.com/english/advisories/2010/1530
- http://www.vupen.com/english/advisories/2010/1571
- https://bugzilla.redhat.com/show_bug.cgi?id=605809
- http://cvs.moodle.org/moodle/blog/lib.php?r1=1.62.2.9&r2=1.62.2.10
- http://cvs.moodle.org/moodle/blog/lib.php?r1=1.80.2.20&r2=1.80.2.21
- http://docs.moodle.org/en/Moodle_1.8.13_release_notes
- http://docs.moodle.org/en/Moodle_1.9.9_release_notes
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043285.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043291.html
- http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043340.html
- http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
- http://moodle.org/mod/forum/discuss.php?d=152367
- http://secunia.com/advisories/40248
- http://secunia.com/advisories/40352
- http://tracker.moodle.org/browse/MDL-22631
- http://www.openwall.com/lists/oss-security/2010/06/21/2
- http://www.vupen.com/english/advisories/2010/1530
- http://www.vupen.com/english/advisories/2010/1571
- https://bugzilla.redhat.com/show_bug.cgi?id=605809
Products affected by CVE-2010-2229
-
cpe:2.3:a:moodle:moodle:-
-
cpe:2.3:a:moodle:moodle:1.1.1
-
cpe:2.3:a:moodle:moodle:1.2
-
cpe:2.3:a:moodle:moodle:1.2.0
-
cpe:2.3:a:moodle:moodle:1.2.1
-
cpe:2.3:a:moodle:moodle:1.3
-
cpe:2.3:a:moodle:moodle:1.3.0
-
cpe:2.3:a:moodle:moodle:1.3.1
-
cpe:2.3:a:moodle:moodle:1.3.2
-
cpe:2.3:a:moodle:moodle:1.3.3
-
cpe:2.3:a:moodle:moodle:1.3.4
-
cpe:2.3:a:moodle:moodle:1.3.5
-
cpe:2.3:a:moodle:moodle:1.4.0
-
cpe:2.3:a:moodle:moodle:1.4.1
-
cpe:2.3:a:moodle:moodle:1.4.2
-
cpe:2.3:a:moodle:moodle:1.4.3
-
cpe:2.3:a:moodle:moodle:1.4.4
-
cpe:2.3:a:moodle:moodle:1.4.5
-
cpe:2.3:a:moodle:moodle:1.5
-
cpe:2.3:a:moodle:moodle:1.5.0
-
cpe:2.3:a:moodle:moodle:1.5.1
-
cpe:2.3:a:moodle:moodle:1.5.2
-
cpe:2.3:a:moodle:moodle:1.5.3
-
cpe:2.3:a:moodle:moodle:1.5.4
-
cpe:2.3:a:moodle:moodle:1.6
-
cpe:2.3:a:moodle:moodle:1.6.0
-
cpe:2.3:a:moodle:moodle:1.6.1
-
cpe:2.3:a:moodle:moodle:1.6.2
-
cpe:2.3:a:moodle:moodle:1.6.3
-
cpe:2.3:a:moodle:moodle:1.6.4
-
cpe:2.3:a:moodle:moodle:1.6.5
-
cpe:2.3:a:moodle:moodle:1.6.6
-
cpe:2.3:a:moodle:moodle:1.6.7
-
cpe:2.3:a:moodle:moodle:1.6.8
-
cpe:2.3:a:moodle:moodle:1.6.9
-
cpe:2.3:a:moodle:moodle:1.7
-
cpe:2.3:a:moodle:moodle:1.7.0
-
cpe:2.3:a:moodle:moodle:1.7.1
-
cpe:2.3:a:moodle:moodle:1.7.2
-
cpe:2.3:a:moodle:moodle:1.7.3
-
cpe:2.3:a:moodle:moodle:1.7.4
-
cpe:2.3:a:moodle:moodle:1.7.5
-
cpe:2.3:a:moodle:moodle:1.7.6
-
cpe:2.3:a:moodle:moodle:1.7.7
-
cpe:2.3:a:moodle:moodle:1.8
-
cpe:2.3:a:moodle:moodle:1.8.0
-
cpe:2.3:a:moodle:moodle:1.8.1
-
cpe:2.3:a:moodle:moodle:1.8.10
-
cpe:2.3:a:moodle:moodle:1.8.11
-
cpe:2.3:a:moodle:moodle:1.8.12
-
cpe:2.3:a:moodle:moodle:1.8.2
-
cpe:2.3:a:moodle:moodle:1.8.3
-
cpe:2.3:a:moodle:moodle:1.8.4
-
cpe:2.3:a:moodle:moodle:1.8.5
-
cpe:2.3:a:moodle:moodle:1.8.6
-
cpe:2.3:a:moodle:moodle:1.8.7
-
cpe:2.3:a:moodle:moodle:1.8.8
-
cpe:2.3:a:moodle:moodle:1.8.9
-
cpe:2.3:a:moodle:moodle:1.9.1
-
cpe:2.3:a:moodle:moodle:1.9.2
-
cpe:2.3:a:moodle:moodle:1.9.3
-
cpe:2.3:a:moodle:moodle:1.9.4
-
cpe:2.3:a:moodle:moodle:1.9.5
-
cpe:2.3:a:moodle:moodle:1.9.6
-
cpe:2.3:a:moodle:moodle:1.9.7
-
cpe:2.3:a:moodle:moodle:1.9.8