Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-1502

The _bad_protocol_once function in phpgwapi/inc/class.kses.inc.php in KSES, as used in eGroupWare before 1.4.003, Moodle before 1.8.5, and other products, allows remote attackers to bypass HTML filtering and conduct cross-site scripting (XSS) attacks via a string containing crafted URL protocols.

Published

2008-03-25T19:44:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	egroupware	egroupware	≤ 1.4.002	Yes
Application	egroupware	egroupware	1.0	Yes
Application	egroupware	egroupware	1.0.1	Yes
Application	egroupware	egroupware	1.0.3	Yes
Application	egroupware	egroupware	1.0.6	Yes
Application	egroupware	egroupware	1.2.106-2	Yes
Application	egroupware	egroupware	1.4.001	Yes
Application	moodle	moodle	≤ 1.8.4	Yes
Application	moodle	moodle	1.1.1	Yes
Application	moodle	moodle	1.2.0	Yes
Application	moodle	moodle	1.2.1	Yes
Application	moodle	moodle	1.3.0	Yes
Application	moodle	moodle	1.3.1	Yes
Application	moodle	moodle	1.3.2	Yes
Application	moodle	moodle	1.3.3	Yes
Application	moodle	moodle	1.3.4	Yes
Application	moodle	moodle	1.4.1	Yes
Application	moodle	moodle	1.4.2	Yes
Application	moodle	moodle	1.4.3	Yes
Application	moodle	moodle	1.4.4	Yes
Application	moodle	moodle	1.4.5	Yes
Application	moodle	moodle	1.5	Yes
Application	moodle	moodle	1.5.0	Yes
Application	moodle	moodle	1.5.1	Yes
Application	moodle	moodle	1.5.2	Yes
Application	moodle	moodle	1.5.3	Yes
Application	moodle	moodle	1.6.0	Yes
Application	moodle	moodle	1.6.1	Yes
Application	moodle	moodle	1.6.2	Yes
Application	moodle	moodle	1.6.3	Yes
Application	moodle	moodle	1.6.4	Yes
Application	moodle	moodle	1.6.5	Yes
Application	moodle	moodle	1.6.6	Yes
Application	moodle	moodle	1.6.7	Yes
Application	moodle	moodle	1.7.1	Yes
Application	moodle	moodle	1.7.2	Yes
Application	moodle	moodle	1.7.3	Yes
Application	moodle	moodle	1.7.4	Yes
Application	moodle	moodle	1.7.5	Yes
Application	moodle	moodle	1.7.6	Yes
Application	moodle	moodle	1.8.1	Yes
Application	moodle	moodle	1.8.2	Yes
Application	moodle	moodle	1.8.3	Yes

References

http://docs.moodle.org/en/Release_Notes#Moodle_1.8.5 Patch, Vendor Advisory ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html ([email protected])
http://secunia.com/advisories/29491 Vendor Advisory ([email protected])
http://secunia.com/advisories/30073 Vendor Advisory ([email protected])
http://secunia.com/advisories/30986 Vendor Advisory ([email protected])
http://secunia.com/advisories/31017 Vendor Advisory ([email protected])
http://secunia.com/advisories/31018 Vendor Advisory ([email protected])
http://secunia.com/advisories/31167 ([email protected])
http://secunia.com/advisories/32400 Vendor Advisory ([email protected])
http://secunia.com/advisories/32446 Vendor Advisory ([email protected])
http://www.debian.org/security/2008/dsa-1691 Patch ([email protected])
http://www.debian.org/security/2009/dsa-1871 ([email protected])
http://www.egroupware.org/changelog ([email protected])
http://www.egroupware.org/viewvc/branches/1.4/phpgwapi/inc/class.kses.inc.php?r1=23625&r2=25110&pathrev=25110 Exploit ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200805-04.xml ([email protected])
http://www.openwall.com/lists/oss-security/2008/07/08/14 ([email protected])
http://www.securityfocus.com/bid/28424 Patch ([email protected])
http://www.vupen.com/english/advisories/2008/0989/references Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/41435 ([email protected])
https://usn.ubuntu.com/658-1/ ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00331.html ([email protected])
http://docs.moodle.org/en/Release_Notes#Moodle_1.8.5 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/29491 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30073 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/30986 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31017 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31018 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/31167 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32400 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/32446 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2008/dsa-1691 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2009/dsa-1871 (af854a3a-2127-422b-91ae-364da2661108)
http://www.egroupware.org/changelog (af854a3a-2127-422b-91ae-364da2661108)
http://www.egroupware.org/viewvc/branches/1.4/phpgwapi/inc/class.kses.inc.php?r1=23625&r2=25110&pathrev=25110 Exploit (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200805-04.xml (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2008/07/08/14 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/28424 Patch (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/0989/references Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/41435 (af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/658-1/ (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00331.html (af854a3a-2127-422b-91ae-364da2661108)