7 matches found
Moodle LTI module Reflected - Cross-Site Scripting
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's brows...
Linux Distros Unpatched Vulnerability : CVE-2022-35653
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI...
VulnCheck KEV: CVE-2022-35653
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's...
Moodle 4.0.x < 4.0.2 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.15, 3.11.x prior to 3.11.8 or 4.0.x prior to 4.0.2. It is, therefore, affected by multiple vulnerabilities: - A code injection through an omitted execution parameter elading to Remote Code Execution RCE for sites running...
Fedora: Security Advisory for moodle (FEDORA-2022-7e7ce7df2e)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-35653
creationtimestamp| type| source ---|---|--- 2022-07-25 20:33:13+00:00| seen| https://t.me/cibsecurity/46937 2023-11-17 04:55:23+00:00| seen| https://t.me/arpsyndicate/203 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-02-04 00:00:00+00:00|...
CVE-2022-35653
Moodle LTI module Reflected Cross-Site Scripting (CVE-2022-35653) stems from insufficient sanitization of user-supplied data. A remote attacker can lure a user into opening a crafted link and execute arbitrary HTML/JavaScript in the victim’s browser, potentially stealing data or altering the page...