Lucene search
GoogleOSV:GHSA-MGFP-QCF2-PW3MHistoryMay 24, 2022 - 5:35 p.m.
Moodle stored Cross-site Scripting (XSS)
2022-05-2417:35:32
Google
osv.dev
3
The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | eq | 3.9.0-rc3 | |
| moodle/moodle | eq | 3.9.0 | |
| moodle/moodle | eq | 3.9.0-beta | |
| moodle/moodle | eq | 3.9.1 | |
| moodle/moodle | eq | 3.9.0-rc1 | |
| moodle/moodle | eq | 3.9.0-rc2 |
Related
osv
osv
CVE-2020-25627
2020-12-09 01:15:12
BIT-moodle-2020-25627
2024-03-06 11:12:01
ubuntucve
ubuntucve
CVE-2020-25627
2020-12-09 00:00:00
githubexploit
githubexploit
Exploit for Cross-site Scripting in Moodle
2021-06-18 10:37:23
openvas
openvas
Moodle 3.9.x < 3.9.2 XSS Vulnerability
2020-12-10 00:00:00
cvelist
cvelist
CVE-2020-25627
2020-12-09 00:04:20
cve
cve
CVE-2020-25627
2020-12-09 01:15:12
nvd
nvd
CVE-2020-25627
2020-12-09 01:15:12
veracode
veracode
Cross-Site Scripting (XSS)
2020-12-10 03:03:09
github
github
Moodle stored Cross-site Scripting (XSS)
2022-05-24 17:35:32
prion
prion
Cross site scripting
2020-12-09 01:15:00