Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2011-4280
Reference:
CVE-2011-4280
Title:
Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library as used in Moodle 2.0.x before 2.0.2 and other products allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.