Lucene search
K

7 matches found

Nuclei
Nuclei
added 13 hours ago1016 views

Moodle LTI module Reflected - Cross-Site Scripting

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's brows...

6.1CVSS6.5AI score0.03747EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/09/05 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-35653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI...

6.1CVSS6.1AI score0.03747EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2024/02/15 12:0 a.m.5 views

VulnCheck KEV: CVE-2022-35653

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's...

6.1CVSS6.4AI score0.03747EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.99 views

Moodle 4.0.x < 4.0.2 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.15, 3.11.x prior to 3.11.8 or 4.0.x prior to 4.0.2. It is, therefore, affected by multiple vulnerabilities: - A code injection through an omitted execution parameter elading to Remote Code Execution RCE for sites running...

9.8CVSS7.6AI score0.49102EPSS
Exploits1References10
OpenVAS
OpenVAS
added 2022/07/28 12:0 a.m.26 views

Fedora: Security Advisory for moodle (FEDORA-2022-7e7ce7df2e)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7AI score0.49102EPSS
Exploits1References2
Circl
Circl
added 2022/07/25 8:33 p.m.49 views

CVE-2022-35653

creationtimestamp| type| source ---|---|--- 2022-07-25 20:33:13+00:00| seen| https://t.me/cibsecurity/46937 2023-11-17 04:55:23+00:00| seen| https://t.me/arpsyndicate/203 2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26 2025-02-04 00:00:00+00:00|...

6.1CVSS6.1AI score0.03747EPSS
In wildExploits0References5
CVE
CVE
added 2022/07/25 3:33 p.m.171 views

CVE-2022-35653

Moodle LTI module Reflected Cross-Site Scripting (CVE-2022-35653) stems from insufficient sanitization of user-supplied data. A remote attacker can lure a user into opening a crafted link and execute arbitrary HTML/JavaScript in the victim’s browser, potentially stealing data or altering the page...

6.1CVSS6.2AI score0.03747EPSS
In wildExploits0References5Affected Software1
Rows per page
Query Builder