In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk
Reporter | Title | Published | Views | Family All 12 |
---|---|---|---|---|
UbuntuCve | CVE-2021-36401 | 6 Mar 202300:00 | – | ubuntucve |
OSV | Moodle vulnerable to Stored Cross-site Scripting | 7 Mar 202300:30 | – | osv |
OSV | CVE-2021-36401 | 6 Mar 202322:15 | – | osv |
OSV | BIT-moodle-2021-36401 | 6 Mar 202411:08 | – | osv |
Prion | Cross site scripting | 6 Mar 202322:15 | – | prion |
Github Security Blog | Moodle vulnerable to Stored Cross-site Scripting | 7 Mar 202300:30 | – | github |
NVD | CVE-2021-36401 | 6 Mar 202322:15 | – | nvd |
Cvelist | CVE-2021-36401 | 6 Mar 202300:00 | – | cvelist |
OpenVAS | Moodle < 3.9.8, 3.10.x < 3.10.5, 3.11.x < 3.11.1 Multiple Vulnerabilities | 7 Mar 202300:00 | – | openvas |
Tenable Nessus | Moodle 3.11.x < 3.11.1 Multiple Vulnerabilities | 20 Feb 202300:00 | – | nessus |
[
{
"vendor": "n/a",
"product": "Moodle",
"versions": [
{
"version": "3.11, 3.10 to 3.10.4, 3.9 to 3.9.7 and earlier unsupported versions",
"status": "affected"
}
]
}
]
Source | Link |
---|---|
moodle | www.moodle.org/mod/forum/discuss.php |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo