Lucene search
GitHub Advisory DatabaseGHSA-MX5G-3VXH-RGM8HistoryMay 13, 2022 - 1:13 a.m.
Moodle vulnerable to XSS via bundled spikephpcoverage library
2022-05-1301:13:17
CWE-79
GitHub Advisory Database
github.com
2
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | lt | 2.0.2 |
References
git.moodle.org/gw?p=moodle.git;a=commit;h=bd654f0ced8af925c27b7c94321f0c299b50b38e
moodle.org/mod/forum/discuss.php?d=170005
openwall.com/lists/oss-security/2011/11/14/1
github.com/advisories/GHSA-mx5g-3vxh-rgm8
github.com/moodle/moodle/commit/bd654f0ced8af925c27b7c94321f0c299b50b38e
nvd.nist.gov/vuln/detail/CVE-2011-4280
Related
cve
cve
CVE-2011-4280
2012-07-16 10:28:00
osv
osv
Moodle vulnerable to XSS via bundled spikephpcoverage library
2022-05-13 01:13:17
prion
prion
Cross site scripting
2012-07-16 10:28:00
cvelist
cvelist
CVE-2011-4280
2012-07-16 10:00:00
ubuntucve
ubuntucve
CVE-2011-4280
2012-07-16 00:00:00
nessus
nessus
Moodle 2.0.x < 2.0.2 Multiple Vulnerabilities
2015-04-20 00:00:00