Vulnerabilities > CVE-2006-6625 - Input Validation vulnerability in Moodle 1.6.1

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
moodle
exploit available
NVD
Published: 2006-12-18
Updated: 2008-09-05

Summary

Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in Moodle 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the navtail parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Configurations

Part Description Count
Application
Moodle
1

Exploit-Db

descriptionMoodle 1.5/1.6 mod/forum/discuss.php navtail Parameter XSS. CVE-2006-6625. Webapps exploit for php platform
idEDB-ID:29284
last seen2016-02-03
modified2006-12-14
published2006-12-14
reporterJose Miguel Yanez Venegas
sourcehttps://www.exploit-db.com/download/29284/
titleMoodle 1.5/1.6 mod/forum/discuss.php navtail Parameter XSS

References