Two Vulnerabilities Detected in Academic Portal Moodle
According to Researchers at IT consultancy company, ProCheckUp, two sever security flaws have been identified in a widely used open-source online CMS (course management system) called Moodle.
Research conducted so far shows that the flaw in the CMS software exposes the application to XSS or cross-site scripting attacks. According to the researchers, the ProCheckUp-developed a XSS exploit, a persistent bug injects malicious content into the open blogs segment of the Moodle Website. This malware then captures the session IDs of users visiting the blogs segment of the site so that a malicious attacker can pretend to be any of the compromised users.
Thus, an attacker might exploit the flaw to capture any of the legitimate ...
» SPAMfighter News - 28-07-2008
We are happy to see you are reading our IT Security News.
To reward your interest, we would like to offer you any of our award-winning products
at the price $19.95. Pick your own favorites.