CVE-2010-1618 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-1618 Interim 1 5 2023-12-09T01:58:06Z current 2021-05-30T12:51:27Z 2023-12-09T01:58:06Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-1618 Cross-site scripting (XSS) vulnerability in the phpCAS client library before 1.1.0, as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an error message. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ACBTGUNJ6CTYWLVUTLYEKQX3ERY3PSCW/#ACBTGUNJ6CTYWLVUTLYEKQX3ERY3PSCW E-Mail link for SUSE-SR:2010:011 https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in the phpCAS client library before 1.1.0, as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via a crafted URL, which is not properly handled in an error message. CVE-2010-1618 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N