Date: Mon, 21 Jun 2010 14:45:33 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: CVE request: moodle 1.9.9/1.8.13 multiple vulnerabilities ----- "Vincent Danen" <vdanen@...hat.com> wrote: > Moodle 1.9.9 and 1.8.13 fix a few security issues: > > http://docs.moodle.org/en/Moodle_1.9.9_release_notes > http://docs.moodle.org/en/Moodle_1.8.13_release_notes > > Which address the following issues: > > * MSA-10-0010 Persistent Cross Site Scripting vulnerability in the > MNET access control interface CVE-2010-2228 > * MSA-10-0011 Cross Site Scripting vulnerability in blog/index.php CVE-2010-2229 > * MSA-10-0012 KSES Security Filter Bypassing vulnerability CVE-2010-2230 > * MSA-10-0013 Potential Cross Site Scripting vulnerability in Quiz > reports CVE-2010-2231 Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ