CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

OSV•added 2025/08/10 11:48 p.m.•6 views

BIT-MOODLE-2025-26529 Stored XSS risk in admin live log

Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk...

8.3CVSS5.6AI score0.00478EPSS

Exploits1References3

OSV•added 2025/02/24 9:31 p.m.•9 views

GHSA-WR88-X8CM-7CGQ Moodle has a stored XSS risk in admin live log

Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk...

8.3CVSS7.7AI score0.00478EPSS

Exploits1References4

OSV•added 2024/11/11 3:31 p.m.•6 views

GHSA-4HJF-6PXR-549H Moodle Cross-site Scripting vulnerability

A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting XSS risk from malicious backup files...

5.4CVSS5.4AI score0.00338EPSS

Exploits0References5

NVD•added 2024/11/11 1:15 p.m.•27 views

CVE-2024-43437

A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting XSS risk from malicious backup files...

6.1CVSS0.00338EPSS

Exploits0References2

OSV•added 2024/11/11 1:15 p.m.•0 views

UBUNTU-CVE-2024-43437

A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting XSS risk from malicious backup files...

6.1CVSS5.7AI score0.00338EPSS

Exploits0References4

NVD•added 2024/05/03 6:15 p.m.•11 views

CVE-2023-28952

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to injection attacks in application logging by not sanitizing user provided data. IBM X-Force ID: 251463...

5.3CVSS5.7AI score0.00357EPSS

Exploits0References2

Vulnrichment•added 2023/03/23 12:0 a.m.•6 views

CVE-2023-28331 Moodle: xss risk when outputting database activity filter data

Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk...

6AI score0.00662EPSS

Exploits0References3

Prion•added 2021/09/06 11:15 a.m.•12 views

Authentication flaw

The Email Encoder â€“ Protect Email Addresses WordPress plugin before 2.1.2 has an endpoint that requires no authentication and will render a user supplied value in the HTML response without escaping or sanitizing the data...

4.3CVSS6.3AI score0.00827EPSS

Exploits2References1Affected Software1

seebug.org•added 2014/07/01 12:0 a.m.•12 views

Symantec Gateway Security 5400 Series 2.0 Error Page Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9755/info A vulnerability has been reported to exist in the Symantec Gateway Security Web based management console that may allow a remote user to launch cross-site scripting attacks. The issue is reported to exist due to...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by