Lucene search

Moodle cross-site scripting (XSS) vulnerability

🗓️ 13 May 2022 01:40:12Reported by GitHub Advisory DatabaseType

Moodle XSS vulnerability in user/profile.ph

Reporter	Title	Published	Views	Family All 23
Packet Storm	Moodle 2.7 Cross Site Scripting	25 Jul 201400:00	–	packetstorm
UbuntuCve	CVE-2014-3544	29 Jul 201400:00	–	ubuntucve
CVE	CVE-2014-3544	29 Jul 201411:10	–	cve
OSV	Moodle cross-site scripting (XSS) vulnerability	13 May 202201:12	–	osv
Cvelist	CVE-2014-3544	29 Jul 201410:00	–	cvelist
Veracode	Cross-site Scripting (XSS)	30 Jul 201722:12	–	veracode
NVD	CVE-2014-3544	29 Jul 201411:10	–	nvd
Prion	Cross site scripting	29 Jul 201411:10	–	prion
Tenable Nessus	Moodle < 2.4 / 2.4.x < 2.4.11 / 2.5.x < 2.5.7 / 2.6.x < 2.6.4 / 2.7.x < 2.7.1 Multiple Vulnerabilities	20 Apr 201500:00	–	nessus
Tenable Nessus	Fedora 20 : moodle-2.5.7-1.fc20 (2014-8601)	31 Jul 201400:00	–	nessus

Vulners

Node

moodle moodleRange2.7.0–2.7.1

moodle moodleRange2.6.0–2.6.4

moodle moodleRange2.5.0–2.5.7

moodle moodleRange<2.4.11

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2014-3544
github	www.github.com/moodle/moodle/commit/ce5a785b0962c3c94c7a7b0d36176482d21db95d
moodle	www.moodle.org/mod/forum/discuss.php
git	www.git.moodle.org/gw
openwall	www.openwall.com/lists/oss-security/2014/07/21/1
osandamalith	www.osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss/
osvdb	www.osvdb.org/show/osvdb/109337
packetstormsecurity	www.packetstormsecurity.com/files/127624/Moodle-2.7-Cross-Site-Scripting.html
exploit-db	www.exploit-db.com/exploits/34169
securityfocus	www.securityfocus.com/bid/68756

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 May 2022 01:12Current

5.3Medium risk

Vulners AI Score5.3

CVSS23.5

EPSS0.01115

CWE-79