Lucene search

CVE-2021-27131

🗓️ 16 May 2023 20:08:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 46 Views🌐 WEB

Moodle 3.10.1 XSS Vulnerability via Improper Input Sanitizatio

Reporter	Title	Published	Views	Family All 10
Prion	Cross site scripting	16 May 202320:15	–	prion
UbuntuCve	CVE-2021-27131	16 May 202300:00	–	ubuntucve
OSV	BIT-moodle-2021-27131	6 Mar 202411:10	–	osv
OSV	Moodle vulnerable to stored Cross-site Scripting	16 May 202321:30	–	osv
Cvelist	CVE-2021-27131	16 May 202300:00	–	cvelist
CNVD	Moodle cross-site scripting vulnerability (CNVD-2023-43862)	30 May 202300:00	–	cnvd
NVD	CVE-2021-27131	16 May 202320:15	–	nvd
Github Security Blog	Moodle vulnerable to stored Cross-site Scripting	16 May 202321:30	–	github
Veracode	Cross-Site Scripting (XSS)	30 May 202308:09	–	veracode
OpenVAS	Moodle 3.10.x <= 3.10.11 Multiple Vulnerabilities	25 Oct 202300:00	–	openvas

Nvd

Node

moodle moodleMatch3.10.1

Source	Link
docs	www.docs.moodle.org/402/en/Risks
github	www.github.com/moodle/moodle
github	www.github.com/p4nk4jv/CVEs-Assigned/blob/master/Moodle-3.10.1-CVE-2021-27131.md

Parameter	Position	Path	Description	CWE
Header and Footer	request body	/admin/settings.php	Persistent/stored XSS vulnerability due to improper input sanitization on the Additional HTML Section.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 May 2023 20:15Current

5.3Medium risk

Vulners AI Score5.3

CVSS35.4

EPSS0.00125

CWE-79