Lucene search
RedhatCVELIST:CVE-2021-20280HistoryMar 15, 2021 - 9:35 p.m.
CVE-2021-20280
2021-03-1521:35:44
CWE-79
redhat
www.cve.org
Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
CNA Affected
[
{
"product": "moodle",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 3.10.2, 3.9.5, 3.8.8, 3.5.17"
}
]
}
]References
packetstormsecurity.com/files/164817/Moodle-Cross-Site-Scripting-Server-Side-Request-Forgery.html
bugzilla.redhat.com/show_bug.cgi?id=1939037
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGOMHMYM3WICJ6D6U22Z6LPJGT5A6MZM/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT/
moodle.org/mod/forum/discuss.php?d=419651
Related
prion
prion
Server side request forgery (ssrf)
2021-03-15 22:15:00
osv
osv
BIT-moodle-2021-20280
2024-03-06 11:10:58
CVE-2021-20280
2021-03-15 22:15:13
Cross-site scripting (XSS) and Server side request forgery (SSRF) in moodle
2021-03-29 20:42:15
ubuntucve
ubuntucve
CVE-2021-20280
2021-03-15 00:00:00
cve
cve
CVE-2021-20280
2021-03-15 22:15:13
github
github
Cross-site scripting (XSS) and Server side request forgery (SSRF) in moodle
2021-03-29 20:42:15
zdt
zdt
Moodle Cross Site Scripting / Server-Side Request Forgery Vulnerabilities
2021-11-09 00:00:00
veracode
veracode
Cross Site Scripting (XSS)
2021-03-30 04:15:28
nvd
nvd
CVE-2021-20280
2021-03-15 22:15:13
fedora
fedora
[SECURITY] Fedora 32 Update: moodle-3.8.8-1.fc32
2021-03-23 01:12:58
[SECURITY] Fedora 33 Update: moodle-3.9.5-1.fc33
2021-03-23 01:34:46
[SECURITY] Fedora 34 Update: moodle-3.10.2-1.fc34
2021-03-19 20:34:49
openvas
openvas
Fedora: Security Advisory for moodle (FEDORA-2021-431b232659)
2021-03-24 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2021-50f63a0161)
2021-03-24 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2021-1c27e89d49)
2021-03-20 00:00:00
nessus
nessus
Fedora 32 : moodle (2021-50f63a0161)
2021-03-23 00:00:00
Fedora 33 : moodle (2021-431b232659)
2021-03-23 00:00:00
Moodle 3.8.x < 3.8.8 Multiple Vulnerabilities
2023-02-20 00:00:00