Red Hat Bugzilla – Bug 428731
CVE-2008-0123 Moodle install.php XSS
Last modified: 2008-01-16 02:40:18 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-0123 to the following vulnerability:
Cross-site scripting (XSS) vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete.
moodle-1.8.4-1.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
moodle-1.8.4-1.fc7 has been pushed to the Fedora 7 stable repository. If problems still persist, please make note of it in this bug report.
This issue was addressed in: