Lucene search

CVE-2024-34000 moodle: stored XSS in lesson overview report via user ID number

🗓️ 31 May 2024 20:11:01Reported by fedoraType

Stored XSS risk in lesson overview report

Reporter	Title	Published	Views	Family All 11
OSV	CVE-2024-34000	31 May 202420:15	–	osv
OSV	UBUNTU-CVE-2024-34000	31 May 202420:15	–	osv
OSV	GHSA-8QWH-4VWV-7C5M Moodle Cross-site Scripting (XSS)	31 May 202421:30	–	osv
Vulnrichment	CVE-2024-34000 moodle: stored XSS in lesson overview report via user ID number	31 May 202420:01	–	vulnrichment
CVE	CVE-2024-34000	31 May 202420:15	–	cve
UbuntuCve	CVE-2024-34000	31 May 202400:00	–	ubuntucve
NVD	CVE-2024-34000	31 May 202420:15	–	nvd
Github Security Blog	Moodle Cross-site Scripting (XSS)	31 May 202421:30	–	github
Veracode	Cross-site Scripting (XSS)	7 Jun 202406:58	–	veracode
OpenVAS	Moodle < 4.1.10, 4.2.x < 4.2.7, 4.3.x < 4.3.4 Multiple Vulnerabilities	14 May 202400:00	–	openvas

[
  {
    "collectionURL": "https://git.moodle.org",
    "packageName": "Moodle",
    "versions": [
      {
        "status": "affected",
        "version": "4.0",
        "lessThanOrEqual": "4.3.3",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.2",
        "lessThanOrEqual": "4.2.6",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.1",
        "lessThanOrEqual": "4.1.9",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
moodle	www.moodle.org/mod/forum/discuss.php

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 May 2024 20:01Current

5.4Medium risk

Vulners AI Score5.4

EPSS0.00043

CWE-79