Topic: | XSS through 'section' parameter |
Severity: | Serious |
Versions affected: | < 2.1.2, < 2.0.5 (1.9.x not affected) |
Reported by: | Petr Škoda |
Issue no.: | MDL-28725 |
Solution: | upgrade to latest version |
Changes (master): | http://git.moodle.org/gw?p=moodle.git;a=commit;h=41017112cff7f5bd7969c72d321320f3090e7c68 |
Description:
Cross site scripting was possible through the 'section' parameter.