Lucene search
K

Cross-site scripting (XSS) and Server side request forgery (SSRF) in moodle

🗓️ 29 Mar 2021 20:42:15Reported by GitHub Advisory DatabaseType 
github
 github
🔗 github.com👁 46 Views

Moodle requires sanitizing to prevent stored XSS and blind SSRF risks before versions 3.10.2, 3.9.5, 3.8.8, 3.5.17

Related
Detection
Refs
ReporterTitlePublishedViews
Family
0day.today
Moodle Cross Site Scripting / Server-Side Request Forgery Vulnerabilities
9 Nov 202100:00
zdt
Circl
CVE-2021-20280
16 Mar 202101:29
circl
CNNVD
Moodle 跨站脚本漏洞
15 Mar 202100:00
cnnvd
CNVD
Moodle cross-site scripting vulnerability (CNVD-2021-28733)
19 Mar 202100:00
cnvd
CVE
CVE-2021-20280
15 Mar 202121:35
cve
Cvelist
CVE-2021-20280
15 Mar 202121:35
cvelist
EUVD
EUVD-2021-0721
7 Oct 202500:30
euvd
Fedora
[SECURITY] Fedora 32 Update: moodle-3.8.8-1.fc32
23 Mar 202101:12
fedora
Fedora
[SECURITY] Fedora 33 Update: moodle-3.9.5-1.fc33
23 Mar 202101:34
fedora
Fedora
[SECURITY] Fedora 34 Update: moodle-3.10.2-1.fc34
19 Mar 202120:34
fedora
Rows per page
Vulners
Node
moodlemoodleRange3.53.5.17composer
OR
moodlemoodleRange3.83.8.8composer
OR
moodlemoodleRange3.93.9.5composer
OR
moodlemoodleRange3.103.10.2composer

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

13 Sep 2023 11:38Current
2.8Low risk
Vulners AI Score2.8
CVSS 23.5
CVSS 3.15.4
EPSS0.01277
46