[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE Request: moodle 1.9.8, 1.8.2
From: "Steven M. Christey" <coley () linus ! mitre ! org>
Date: 2010-04-29 19:40:39
Message-ID: Pine.GSO.4.64.1004291537280.5271 () faron ! mitre ! org
[Download RAW message or body]
>MSA-10-0009: Session fixation prevention now turned on by default
Use CVE-2010-1613
>MSA-10-0008: Persistent XSS when using Login-as feature
>MSA-10-0007: Reflective Cross Site Scripting (XSS) in the Moodle
>Global Search Engine
These two are combined into a single CVE.
Use CVE-2010-1614
>MSA-10-0006: SQL injection in Wiki module
>MSA-10-0005: Incorrect validation of forms data
These two are combined into a single CVE.
Use CVE-2010-1615
>MSA-10-0004: Improved access control in course restore
Use CVE-2010-1616
>MSA-10-0003: Disclosure of full user names
Use CVE-2010-1617
>MSA-10-0002: XSS vulnerabilty in the phpcas module
Use CVE-2010-1618
>MSA-10-0001: Vulnerability in KSES text cleaning
Use CVE-2010-1619
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic