CVE-2008-5432

Common Vulnerabilities and Exposures

CVE-2008-5432 at MITRE

Details

Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7, and 1.9 before 1.9.3 allows remote attackers to inject arbitrary web script or HTML via a Wiki page name (aka page title).

Novell Bugzilla entry: 457599

SUSE Security Advisories:

SUSE-SR:2009:003, published Mon, 02 Feb 2009 16:30:00 +0000
SUSE-SR:2009:003 , published Mon, 02 Feb 2009 16:30:00 +0000

Product(s)	Fixed package version(s)	References
openSUSE 10.3	`moodle >= 1.8.2-17.10` `moodle-af >= 1.8.2-17.10` `moodle-ar >= 1.8.2-17.10` `moodle-be >= 1.8.2-17.10` `moodle-bg >= 1.8.2-17.10` `moodle-bs >= 1.8.2-17.10` `moodle-ca >= 1.8.2-17.10` `moodle-cs >= 1.8.2-17.10` `moodle-da >= 1.8.2-17.10` `moodle-de >= 1.8.2-17.10` `moodle-de_du >= 1.8.2-17.10` `moodle-el >= 1.8.2-17.10` `moodle-es >= 1.8.2-17.10` `moodle-et >= 1.8.2-17.10` `moodle-eu >= 1.8.2-17.10` `moodle-fa >= 1.8.2-17.10` `moodle-fi >= 1.8.2-17.10` `moodle-fr >= 1.8.2-17.10` `moodle-ga >= 1.8.2-17.10` `moodle-gl >= 1.8.2-17.10` `moodle-he >= 1.8.2-17.10` `moodle-hi >= 1.8.2-17.10` `moodle-hr >= 1.8.2-17.10` `moodle-hu >= 1.8.2-17.10` `moodle-id >= 1.8.2-17.10` `moodle-is >= 1.8.2-17.10` `moodle-it >= 1.8.2-17.10` `moodle-ja >= 1.8.2-17.10` `moodle-ka >= 1.8.2-17.10` `moodle-km >= 1.8.2-17.10` `moodle-kn >= 1.8.2-17.10` `moodle-ko >= 1.8.2-17.10` `moodle-lt >= 1.8.2-17.10` `moodle-lv >= 1.8.2-17.10` `moodle-mi_tn >= 1.8.2-17.10` `moodle-ms >= 1.8.2-17.10` `moodle-nl >= 1.8.2-17.10` `moodle-nn >= 1.8.2-17.10` `moodle-no >= 1.8.2-17.10` `moodle-pl >= 1.8.2-17.10` `moodle-pt >= 1.8.2-17.10` `moodle-ro >= 1.8.2-17.10` `moodle-ru >= 1.8.2-17.10` `moodle-sk >= 1.8.2-17.10` `moodle-sl >= 1.8.2-17.10` `moodle-so >= 1.8.2-17.10` `moodle-sq >= 1.8.2-17.10` `moodle-sr >= 1.8.2-17.10` `moodle-sv >= 1.8.2-17.10` `moodle-th >= 1.8.2-17.10` `moodle-tl >= 1.8.2-17.10` `moodle-tr >= 1.8.2-17.10` `moodle-uk >= 1.8.2-17.10` `moodle-vi >= 1.8.2-17.10` `moodle-zh_cn >= 1.8.2-17.10`	ZYPP Patch Nr: 5938 SAT Patch Nr: 445
openSUSE 11.0	`moodle-debuginfo >= 1.9.0-24.4`	ZYPP Patch Nr: 5938 SAT Patch Nr: 445
openSUSE 11.0	`moodle >= 1.9.0-24.4` `moodle-af >= 1.9.0-24.4` `moodle-ar >= 1.9.0-24.4` `moodle-be >= 1.9.0-24.4` `moodle-bg >= 1.9.0-24.4` `moodle-bs >= 1.9.0-24.4` `moodle-ca >= 1.9.0-24.4` `moodle-cs >= 1.9.0-24.4` `moodle-da >= 1.9.0-24.4` `moodle-de >= 1.9.0-24.4` `moodle-de_du >= 1.9.0-24.4` `moodle-el >= 1.9.0-24.4` `moodle-es >= 1.9.0-24.4` `moodle-et >= 1.9.0-24.4` `moodle-eu >= 1.9.0-24.4` `moodle-fa >= 1.9.0-24.4` `moodle-fi >= 1.9.0-24.4` `moodle-fr >= 1.9.0-24.4` `moodle-ga >= 1.9.0-24.4` `moodle-gl >= 1.9.0-24.4` `moodle-he >= 1.9.0-24.4` `moodle-hi >= 1.9.0-24.4` `moodle-hr >= 1.9.0-24.4` `moodle-hu >= 1.9.0-24.4` `moodle-id >= 1.9.0-24.4` `moodle-is >= 1.9.0-24.4` `moodle-it >= 1.9.0-24.4` `moodle-ja >= 1.9.0-24.4` `moodle-ka >= 1.9.0-24.4` `moodle-km >= 1.9.0-24.4` `moodle-kn >= 1.9.0-24.4` `moodle-ko >= 1.9.0-24.4` `moodle-lt >= 1.9.0-24.4` `moodle-lv >= 1.9.0-24.4` `moodle-mi_tn >= 1.9.0-24.4` `moodle-ms >= 1.9.0-24.4` `moodle-nl >= 1.9.0-24.4` `moodle-nn >= 1.9.0-24.4` `moodle-no >= 1.9.0-24.4` `moodle-pl >= 1.9.0-24.4` `moodle-pt >= 1.9.0-24.4` `moodle-ro >= 1.9.0-24.4` `moodle-ru >= 1.9.0-24.4` `moodle-sk >= 1.9.0-24.4` `moodle-sl >= 1.9.0-24.4` `moodle-so >= 1.9.0-24.4` `moodle-sq >= 1.9.0-24.4` `moodle-sr >= 1.9.0-24.4` `moodle-sv >= 1.9.0-24.4` `moodle-th >= 1.9.0-24.4` `moodle-tl >= 1.9.0-24.4` `moodle-tr >= 1.9.0-24.4` `moodle-uk >= 1.9.0-24.4` `moodle-vi >= 1.9.0-24.4` `moodle-zh_cn >= 1.9.0-24.4`	ZYPP Patch Nr: 5938 SAT Patch Nr: 445