Security Announcements

 
 
Picture of Helen Foster
MSA-11-0015: Cross Site Scripting through URL encoding
 
Topic: Cross Site Scripting in multiple pages
Severity: Major
Versions affected: < 1.9.12
Reported by: Panagiotis Petasis
Issue no.: MDL-26966
Solution: Upgrade to the latest version

Description:

A vulnerability assessment done by the Acunetix Web Scanner revealed possible XSS vulnerabilities in pages of Moodle.