Lucene search
GoogleOSV:GHSA-XHFW-WJJC-4J5HHistoryMay 13, 2022 - 1:49 a.m.
Moodle Cross-site Scripting
2022-05-1301:49:13
Google
osv.dev
3
moodle
cross-site scripting
user authentication
html blocks
security vulnerability
An issue was discovered in Moodle 3.x. An authenticated user is allowed to add HTML blocks containing scripts to their Dashboard; this is normally not a security issue because a personal dashboard is visible to this user only. Through this security vulnerability, users can move such a block to other pages where they can be viewed by other users.
Related
prion
prion
Hardcoded credentials
2018-05-25 12:29:00
ubuntucve
ubuntucve
CVE-2018-1136
2018-05-25 00:00:00
veracode
veracode
Unauthorised Editing To Web Pages
2018-05-28 02:44:17
github
github
Moodle Cross-site Scripting
2022-05-13 01:49:13
nvd
nvd
CVE-2018-1136
2018-05-25 12:29:00
cve
cve
CVE-2018-1136
2018-05-25 12:29:00
cvelist
cvelist
CVE-2018-1136
2018-05-25 12:00:00
osv
osv
CVE-2018-1136
2018-05-25 12:29:00
openvas
openvas
Moodle 3.x Multiple Vulnerabilities (May 2018) - Windows
2018-05-29 00:00:00
Moodle 3.x Multiple Vulnerabilities (May 2018) - Linux
2018-05-29 00:00:00