SecuritySpace - CVE-2015-3274

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2015-3274

Description: Cross-site scripting (XSS) vulnerability in the user_get_user_details function in user/lib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to inject arbitrary web script or HTML by leveraging absence of an external_format_text call in a web service.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-3274
http://openwall.com/lists/oss-security/2015/07/13/2
http://www.securitytracker.com/id/1032877

CVE ID:	CVE-2015-3274
Description:	Cross-site scripting (XSS) vulnerability in the user_get_user_details function in user/lib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to inject arbitrary web script or HTML by leveraging absence of an external_format_text call in a web service.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2015-3274 http://openwall.com/lists/oss-security/2015/07/13/2 http://www.securitytracker.com/id/1032877