CVE-2010-1619 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-1619 Interim 1 5 2023-12-09T01:58:06Z current 2021-05-30T12:51:27Z 2023-12-09T01:58:06Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-1619 Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via crafted HTML entities. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ACBTGUNJ6CTYWLVUTLYEKQX3ERY3PSCW/#ACBTGUNJ6CTYWLVUTLYEKQX3ERY3PSCW E-Mail link for SUSE-SR:2010:011 https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML text cleaning library (weblib.php), as used in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8, allows remote attackers to inject arbitrary web script or HTML via crafted HTML entities. CVE-2010-1619 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N