Lucene search
GoogleOSV:GHSA-2HW6-6RGF-726VHistoryMay 13, 2022 - 1:12 a.m.
Moodle XSS Vulnerability
2022-05-1301:12:48
Google
osv.dev
5
moodle
xss
vulnerability
flowplayer
remote attack
cross-site scripting
.swf file
EPSS
0.001
Percentile
47.4%
Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted .swf file.
Related
cvelist
cvelist
CVE-2015-5337
2016-02-22 02:00:00
nvd
nvd
CVE-2015-5337
2016-02-22 05:59:15
github
github
Moodle XSS Vulnerability
2022-05-13 01:12:48
prion
prion
Cross site scripting
2016-02-22 05:59:00
veracode
veracode
Cross-site Scripting (XSS)
2017-07-26 23:34:55
cve
cve
CVE-2015-5337
2016-02-22 05:59:15
ubuntucve
ubuntucve
CVE-2015-5337
2016-02-22 00:00:00
nessus
nessus
Moodle < 2.7.11 / 2.8.x < 2.8.9 / 2.9.x < 2.9.3 Multiple Vulnerabilities
2016-04-08 00:00:00
Fedora 23 : moodle-2.9.3-1.fc23 (2015-98fc0d20ad)
2016-03-04 00:00:00
Fedora 22 : moodle-2.8.9-1.fc22 (2015-2ebdd4ad8f)
2016-03-04 00:00:00
mageia
mageia
Updated moodle packages fix security vulnerability
2015-12-05 13:03:58
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0464)
2015-12-08 00:00:00
Fedora Update for moodle FEDORA-2015-2
2015-12-12 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: moodle-2.8.9-1.fc22
2015-12-12 01:55:37
[SECURITY] Fedora 23 Update: moodle-2.9.3-1.fc23
2015-12-11 23:57:23