Insufficient escaping of calendar event titles leading to stored XSS risk in event deletion prompt
Reporter | Title | Published | Views | Family All 16 |
---|---|---|---|---|
![]() | CVE-2024-38274 | 18 Jun 202400:00 | – | ubuntucve |
![]() | GHSA-P5CG-6RFR-6MX8 Moodle stored XSS via calendar's event title when deleting the event | 18 Jun 202421:30 | – | osv |
![]() | UBUNTU-CVE-2024-38274 | 18 Jun 202420:15 | – | osv |
![]() | CVE-2024-38274 | 18 Jun 202420:15 | – | osv |
![]() | Cross-site Scripting (XSS) | 19 Jun 202410:22 | – | veracode |
![]() | Moodle stored XSS via calendar's event title when deleting the event | 18 Jun 202421:30 | – | github |
![]() | CVE-2024-38274 moodle: stored XSS via calendar's event title when deleting the event | 18 Jun 202419:49 | – | cvelist |
![]() | CVE-2024-38274 moodle: stored XSS via calendar's event title when deleting the event | 18 Jun 202419:49 | – | vulnrichment |
![]() | CVE-2024-38274 | 18 Jun 202420:15 | – | nvd |
![]() | Fedora: Security Advisory (FEDORA-2024-020937763e) | 27 Jun 202400:00 | – | openvas |
[
{
"vendor": "Moodle",
"product": "Moodle",
"versions": [
{
"status": "affected",
"version": "4.4",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.3",
"lessThanOrEqual": "4.3.4",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.2",
"lessThanOrEqual": "4.2.7",
"versionType": "semver"
},
{
"status": "affected",
"version": "4.1",
"lessThanOrEqual": "4.1.10",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo