Lucene search
K

54 matches found

Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.49 views

Moodle 3.11.x < 3.11.12 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.19, 3.11.x prior to 3.11.12, 4.0.x prior to 4.0.6 or 4.1.x prior to 4.1.1. It is, therefore, affected by multiple vulnerabilities: - A Cross-Site Scripting XSS vulnerability due to the lack of sanitization of some returnurl...

8.2CVSS6.1AI score0.00957EPSS
Exploits0References6
OSV
OSV
added 2023/02/17 9:30 p.m.53 views

GHSA-GRMJ-GPWM-98WW Moodle Cross-site Scripting vulnerability

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

6.1CVSS5.9AI score0.00854EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2023/02/17 9:30 p.m.35 views

Moodle Cross-site Scripting vulnerability

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

6.1CVSS6.1AI score0.00854EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/02/17 8:15 p.m.4 views

CVE-2023-23922

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

6.1CVSS6.1AI score0.00854EPSS
Exploits0References4
NVD
NVD
added 2023/02/17 8:15 p.m.28 views

CVE-2023-23922

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

6.1CVSS5.9AI score0.00854EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/02/17 8:15 p.m.33 views

CVE-2023-23922

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

6.1CVSS6.2AI score0.00854EPSS
Exploits0References2
OSV
OSV
added 2023/02/17 8:15 p.m.5 views

UBUNTU-CVE-2023-23922

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

6.1CVSS6.2AI score0.00854EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/02/17 12:0 a.m.18 views

Moodle 跨站脚本漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from insufficient cleansing of user-supplied data in blog searches, and which ca...

6.1CVSS5.3AI score0.00854EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/02/17 12:0 a.m.5 views

PT-2023-3323 · Moodle +1 · Moodle +1

Name of the Vulnerable Software and Affected Versions: Moodle affected versions not specified Description: The issue exists due to insufficient sanitization of user-supplied data in the blog search function. A remote attacker can trick the victim into following a specially crafted link, allowing...

9.8CVSS5.8AI score0.44918EPSS
Exploits4References17
Vulnrichment
Vulnrichment
added 2023/02/17 12:0 a.m.12 views

CVE-2023-23922 Moodle: reflected xss risk in blog search

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

5.8AI score0.00854EPSS
Exploits0References3
CVE
CVE
added 2023/02/17 12:0 a.m.94 views

CVE-2023-23922

CVE-2023-23922 (Moodle): The vulnerability is an XSS flaw in Moodle’s blog search due to insufficient sanitization of user-supplied data. It allows a remote attacker to lure a user into visiting a crafted link, resulting in arbitrary HTML/JavaScript execution in the context of the vulnerable site...

6.1CVSS5.8AI score0.00854EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/02/17 12:0 a.m.29 views

CVE-2023-23922 Moodle: reflected xss risk in blog search

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw...

6AI score0.00854EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:47 a.m.4 views

SUSE CVE-2017-7490

In Moodle 2.x and 3.x, searching of arbitrary blogs is possible because a capability check is missing...

5.3CVSS7AI score0.01046EPSS
Exploits0References3
OSV
OSV
added 2022/05/13 1:34 a.m.10 views

GHSA-GQRP-QHV8-PHRV Moodle Cross-site Scripting

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...

6.1CVSS6.8AI score0.01803EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2022/05/13 1:34 a.m.25 views

Moodle Cross-site Scripting

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...

8.8CVSS6.1AI score0.01803EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2018/09/17 8:29 p.m.20 views

CVE-2018-14631

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...

8.8CVSS6.9AI score0.01803EPSS
Exploits0References4
OSV
OSV
added 2018/09/17 8:29 p.m.5 views

UBUNTU-CVE-2018-14631

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...

8.8CVSS7.3AI score0.01803EPSS
Exploits0References5
Prion
Prion
added 2018/09/17 8:29 p.m.14 views

Cross site scripting

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...

4.3CVSS6.1AI score0.01803EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2018/09/17 8:29 p.m.22 views

CVE-2018-14631

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...

8.8CVSS8.4AI score0.01803EPSS
Exploits0References4
OSV
OSV
added 2018/09/17 8:29 p.m.19 views

CVE-2018-14631

moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...

6.1CVSS5.8AI score0.01803EPSS
Exploits0References4
Rows per page
Query Builder