CVE-2008-3260 (Claroline) |
|
| BugsAlert Home > CVE-2008-3260 (Claroline) | |
|
Multiple cross-site scripting (XSS) vulnerabilities in Claroline before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via (1) the cwd parameter in a rqMkHtml action to document/rqmkhtml.php, or the query string to (2) announcements/announcements.php, (3) calendar/agenda.php, (4) course/index.php, (5) course_description/index.php, (6) document/document.php, (7) exercise/exercise.php, (8) group/group_space.php, (9) phpbb/newtopic.php, (10) phpbb/reply.php, (11) phpbb/view... Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3260 Learn more about CVE-2008-3260 (Claroline) |
|
| Tags: cve-2008-3260 claroline | |
Related Items |
|
|
PE_VIRUT.XV
|
|
|
CVE-2008-4408 (mediawiki)
|
|
|
SSL Certificates Vulnerable to OpenSSL Flaw on Debian
|
|
|
CVE-2008-4649 (elxis_cms)
|
|
|
CVE-2007-6330 (Prolog Manager)
|
|
|
FrSIRT - PHPauction GPL "include_path" Remote File Inclusion Vulnerabilities
|
|
|
CVE-2008-2226 (openkm)
|
|
