Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 21 Jun 2010 14:45:33 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: coley <coley@...re.org>
Subject: Re: CVE request: moodle 1.9.9/1.8.13 multiple
 vulnerabilities

----- "Vincent Danen" <vdanen@...hat.com> wrote:

> Moodle 1.9.9 and 1.8.13 fix a few security issues:
> 
> http://docs.moodle.org/en/Moodle_1.9.9_release_notes
> http://docs.moodle.org/en/Moodle_1.8.13_release_notes
> 
> Which address the following issues:
> 
> * MSA-10-0010 Persistent Cross Site Scripting vulnerability in the
> MNET access control interface

CVE-2010-2228

> * MSA-10-0011 Cross Site Scripting vulnerability in blog/index.php

CVE-2010-2229

> * MSA-10-0012 KSES Security Filter Bypassing vulnerability

CVE-2010-2230

> * MSA-10-0013 Potential Cross Site Scripting vulnerability in Quiz
> reports

CVE-2010-2231

Thanks.

-- 
    JB

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ