Two Vulnerabilities Detected in Academic Portal Moodle
According to Researchers at IT consultancy company, ProCheckUp, two sever security flaws have been identified in a widely used open-source online CMS (course management system) called Moodle.
Research conducted so far shows that the flaw in the CMS software exposes the application to XSS or cross-site scripting attacks. According to the researchers, the ProCheckUp-developed a XSS exploit, a persistent bug injects malicious content into the open blogs segment of the Moodle Website. This malware then captures the session IDs of users visiting the blogs segment of the site so that a malicious attacker can pretend to be any of the compromised users.
Thus, an attacker might exploit the flaw to capture any of the legitimate ...
» SPAMfighter News - 7/28/2008
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!