ID de Prueba:	1.3.6.1.4.1.25623.1.0.100686
Categoría:	Web application abuses
Título:	Moodle Multiple Vulnerabilities
Resumen:	Moodle is prone to multiple vulnerabilities, including:;; - a cross-site scripting issue;; - a security-bypass issue;; - an HTML-injection issue
Descripción:	Summary: Moodle is prone to multiple vulnerabilities, including: - a cross-site scripting issue - a security-bypass issue - an HTML-injection issue Vulnerability Impact: Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie- based authentication credentials and to control how the site is rendered to the user, other attacks are also possible. Affected Software/OS: These issues affect versions prior to Moodle 1.9.9 and 1.8.13. Solution: Updates are available. Please see the references for more information. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2228 40248 http://secunia.com/advisories/40248 40352 http://secunia.com/advisories/40352 ADV-2010-1530 http://www.vupen.com/english/advisories/2010/1530 ADV-2010-1571 http://www.vupen.com/english/advisories/2010/1571 FEDORA-2010-10286 http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043285.html FEDORA-2010-10291 http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043291.html FEDORA-2010-10321 http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043340.html SUSE-SR:2010:014 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html [oss-security] 20100621 Re: CVE request: moodle 1.9.9/1.8.13 multiple vulnerabilities http://www.openwall.com/lists/oss-security/2010/06/21/2 http://docs.moodle.org/en/Moodle_1.8.13_release_notes http://docs.moodle.org/en/Moodle_1.9.9_release_notes http://moodle.org/mod/forum/discuss.php?d=152366 http://tracker.moodle.org/browse/MDL-22040 https://bugzilla.redhat.com/show_bug.cgi?id=605809 Common Vulnerability Exposure (CVE) ID: CVE-2010-2229 http://cvs.moodle.org/moodle/blog/lib.php?r1=1.62.2.9&r2=1.62.2.10 http://cvs.moodle.org/moodle/blog/lib.php?r1=1.80.2.20&r2=1.80.2.21 http://moodle.org/mod/forum/discuss.php?d=152367 http://tracker.moodle.org/browse/MDL-22631 Common Vulnerability Exposure (CVE) ID: CVE-2010-2230 http://cvs.moodle.org/moodle/lib/weblib.php?r1=1.812.2.114&r2=1.812.2.115 http://cvs.moodle.org/moodle/lib/weblib.php?r1=1.970.2.171&r2=1.970.2.172 http://moodle.org/mod/forum/discuss.php?d=152368 http://tracker.moodle.org/browse/MDL-22042 Common Vulnerability Exposure (CVE) ID: CVE-2010-2231 http://cvs.moodle.org/moodle/mod/quiz/report/overview/report.php?r1=1.98.2.50&r2=1.98.2.51 http://moodle.org/mod/forum/discuss.php?d=152369 http://tracker.moodle.org/browse/MDL-21688
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.