|
|
Log in / Subscribe / Register

moodle: multiple vulnerabilities

Package(s):moodle CVE #(s):CVE-2010-2795 CVE-2010-2796
Created:August 23, 2010 Updated:February 23, 2011
Description: From the CVE entries:

phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containing a crafted ticket value. (CVE-2010-2795)

Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows remote attackers to inject arbitrary web script or HTML via a callback URL. (CVE-2010-2796)

Alerts:
Debian DSA-2172-1 moodle 2011-02-22
Fedora FEDORA-2010-16905 glpi 2010-10-28
Fedora FEDORA-2010-16912 glpi 2010-10-28
Fedora FEDORA-2010-12247 php-pear-CAS 2010-08-07
Fedora FEDORA-2010-12258 php-pear-CAS 2010-08-07
Fedora FEDORA-2010-13254 moodle 2010-08-21
Fedora FEDORA-2010-13250 moodle 2010-08-21
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds