Topic: | Cross-site scripting vulnerability in spikephpcoverage |
Severity: | Major |
Versions affected: | <2.0.2 (1.9.x not affected) |
Reported by: | AutoSec Tools |
Issue no.: | MDL-26237 |
Solution: | Upgrade to latest version |
Workaround: | Delete lib/spikephpcoverage/src/phpcoverage.remote.top.inc.php and lib/spikephpcoverage/src/phpcoverage.remote.bottom.inc.php |
Description:
AutoSec Tools published a report of cross-site scripting vulnerability in a bundled spikephpcoverage library.