Lucene search
GoogleOSV:GHSA-P7V9-GJRH-563XHistoryMay 13, 2022 - 1:14 a.m.
Moodle XSS Vulnerability
2022-05-1301:14:06
Google
osv.dev
11
moodle
xss
vulnerability
quiz
question bank
javascript
software
EPSS
0.002
Percentile
62.2%
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. When a quiz question bank is imported, it was possible for the question preview that is displayed to execute JavaScript that is written into the question bank.
References
bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10891
github.com/moodle/moodle
github.com/moodle/moodle/commit/0b18d0c960c27994dd9870d286f2da3fa5868c06
moodle.org/mod/forum/discuss.php?d=373371
nvd.nist.gov/vuln/detail/CVE-2018-10891
web.archive.org/web/20210124185945/https://www.securityfocus.com/bid/104739
Related
cve
cve
CVE-2018-10891
2018-07-10 18:29:00
veracode
veracode
Cross-Site Scripting (XSS)
2018-07-11 02:25:12
osv
osv
CVE-2018-10891
2018-07-10 18:29:00
github
github
Moodle XSS Vulnerability
2022-05-13 01:14:06
prion
prion
Design/Logic Flaw
2018-07-10 18:29:00
cvelist
cvelist
CVE-2018-10891
2018-07-10 18:00:00
ubuntucve
ubuntucve
CVE-2018-10891
2018-07-10 00:00:00
nvd
nvd
CVE-2018-10891
2018-07-10 18:29:00
openvas
openvas
Moodle CMS <= 3.1.12, 3.2.x, 3.3.x <= 3.3.6, 3.4.x <= 3.4.3, 3.5.0 Multiple Vulnerabilities - Linux
2018-07-12 00:00:00
Moodle CMS <= 3.1.12, 3.2.x, 3.3.x <= 3.3.6, 3.4.x <= 3.4.3, 3.5.0 Multiple Vulnerabilities - Windows
2018-07-12 00:00:00
Fedora Update for moodle FEDORA-2018-ebb1e572c0
2018-08-09 00:00:00
nessus
nessus
Fedora 28 : moodle (2018-64955716d6)
2019-01-03 00:00:00
Fedora 27 : moodle (2018-ebb1e572c0)
2018-08-09 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: moodle-3.3.7-1.fc27
2018-08-08 15:36:07
[SECURITY] Fedora 28 Update: moodle-3.4.4-1.fc28
2018-08-08 16:11:34