Lucene search

K
osvGoogleOSV:GHSA-6656-6QWX-4C2M
HistoryMay 13, 2022 - 1:13 a.m.

Moodle XSS In Tag Autocomplete functionality

2022-05-1301:13:09
Google
osv.dev
6
moodle
xss
vulnerability
tag autocomplete
remote attackers
web script
html

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

56.9%

Cross-site scripting (XSS) vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

56.9%