| Topic: | Cross-site scripting vulnerability in spikephpcoverage |
| Severity: | Major |
| Versions affected: | <2.0.2 (1.9.x not affected) |
| Reported by: | AutoSec Tools |
| Issue no.: | MDL-26237 |
| Solution: | Upgrade to latest version |
| Workaround: | Delete lib/spikephpcoverage/src/phpcoverage.remote.top.inc.php and lib/spikephpcoverage/src/phpcoverage.remote.bottom.inc.php |
Description:
AutoSec Tools published a report of cross-site scripting vulnerability in a bundled spikephpcoverage library.