Lucene search
RedhatCVELIST:CVE-2015-3174HistoryJun 01, 2015 - 7:00 p.m.
CVE-2015-3174
2015-06-0119:00:00
redhat
www.cve.org
4
mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISK_XSS bit for graders, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted gradebook feedback during manual quiz grading.
Related
ubuntucve
ubuntucve
CVE-2015-3174
2015-06-01 00:00:00
github
github
Moodle does not set the RISK_XSS bit for graders
2022-05-13 01:12:45
veracode
veracode
Cross-Site Scripting (XSS)
2017-07-27 03:18:22
nvd
nvd
CVE-2015-3174
2015-06-01 19:59:17
cve
cve
CVE-2015-3174
2015-06-01 19:59:17
osv
osv
Moodle does not set the RISK_XSS bit for graders
2022-05-13 01:12:45
prion
prion
Cross site scripting
2015-06-01 19:59:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0229)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2015-14996
2015-09-16 00:00:00
Fedora Update for moodle FEDORA-2015-14988
2015-09-16 00:00:00
nessus
nessus
Moodle 2.6.x < 2.6.11 / 2.7.x < 2.7.8 Multiple Vulnerabilities
2016-07-21 00:00:00
Moodle 2.8.x < 2.8.6 Multiple Vulnerabilities
2016-07-21 00:00:00
Fedora 23 : moodle-2.9.1-1.fc23 (2015-14987)
2015-09-21 00:00:00
mageia
mageia
Updated moodle packages fix security vulnerabilities
2015-05-18 22:08:05
fedora
fedora
[SECURITY] Fedora 23 Update: moodle-2.9.1-1.fc23
2015-09-18 19:33:20
[SECURITY] Fedora 21 Update: moodle-2.7.9-1.fc21
2015-09-15 21:22:02
[SECURITY] Fedora 22 Update: moodle-2.8.7-1.fc22
2015-09-15 19:54:05