Security Announcements

Picture of Helen Foster
MSA-11-0015: Cross Site Scripting through URL encoding
Topic: Cross Site Scripting in multiple pages
Severity: Major
Versions affected: < 1.9.12
Reported by: Panagiotis Petasis
Issue no.: MDL-26966
Solution: Upgrade to the latest version


A vulnerability assessment done by the Acunetix Web Scanner revealed possible XSS vulnerabilities in pages of Moodle.