Lucene search

CVE-2018-1136

🗓️ 25 May 2018 12:00:29Reported by redhatType

An authenticated user in Moodle 3.x can add HTML blocks with scripts to their Dashboard, posing a security risk

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 11
Prion	Hardcoded credentials	25 May 201812:29	–	prion
Veracode	Unauthorised Editing To Web Pages	28 May 201802:44	–	veracode
NVD	CVE-2018-1136	25 May 201812:29	–	nvd
Github Security Blog	Moodle Cross-site Scripting	13 May 202201:49	–	github
OSV	UBUNTU-CVE-2018-1136	25 May 201812:29	–	osv
OSV	CVE-2018-1136	25 May 201812:29	–	osv
OSV	GHSA-XHFW-WJJC-4J5H Moodle Cross-site Scripting	13 May 202201:49	–	osv
UbuntuCve	CVE-2018-1136	25 May 201800:00	–	ubuntucve
Cvelist	CVE-2018-1136	25 May 201812:00	–	cvelist
OpenVAS	Moodle 3.x Multiple Vulnerabilities (May 2018) - Linux	29 May 201800:00	–	openvas

Nvd

Vulners

Node

moodle moodleRange3.1.0–3.1.11

moodle moodleRange3.2.0–3.2.8

moodle moodleRange3.3.0–3.3.5

moodle moodleRange3.4.0–3.4.2

[
  {
    "product": "Moodle 3.x unknown",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Moodle 3.x unknown"
      }
    ]
  }
]

Source	Link
moodle	www.moodle.org/mod/forum/discuss.php
securityfocus	www.securityfocus.com/bid/104307

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

25 May 2018 12:29Current

4.6Medium risk

Vulners AI Score4.6

CVSS24

CVSS34.3

EPSS0.0033

CWE-79