153 matches found
CVE-2023-28333
The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...
UBUNTU-CVE-2023-28333
The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...
Code injection
The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...
CVE-2023-28333 Moodle: pix helper potential mustache code injection risk
The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...
CVE-2023-28333 Moodle: pix helper potential mustache code injection risk
The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...
CVE-2023-28333
CVE-2023-28333 describes a potential injection risk in Moodle’s Mustache pix helper when combined with user input. The description notes this did not appear to be implemented or exploitable in the core Moodle LMS. Connected documents corroborate exposure across multiple Moodle versions (3.11–4.2 ...
CVE-2023-28333 Moodle: pix helper potential mustache code injection risk
The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...
Moodle 代码注入漏洞
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle. An attacker exploited the vulnerability to perform a Mustache injection attack...
Moodle 4.0.x < 4.0.4 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.17, 3.11.x prior to 3.11.10 or 4.0.x prior to 4.0.4. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS and page Denial of Service DoS vulnerabilities due to recursive rendering in...
Moodle 3.9.x < 3.9.16 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...
Moodle 3.11.x < 3.11.9 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...
Moodle 4.0.x < 4.0.3 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...
SUSE CVE-2015-8862
mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting XSS attacks by leveraging a template with an attribute that is not quoted...
The vulnerability of the implementation of the recursive rendering function for the Mustache helper components in the Moodle template system allows attackers to perform cross-site scripting attacks or cause service failures.
The vulnerability of the recursive rendering implementation of the Mustache helper components in the Mustache template system of the virtual training environment Moodle is related to improper validation of input data. Exploiting this vulnerability allows an attacker to perform cross-site scriptin...
Cross-site Scripting (XSS)
moodle is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to a lack of sanitization of user input to a recursive lambda function rendering to the Mustache template helper renderer allowing an attacker to inject maliciously crafted script into the system...
GHSA-JQGR-GH62-JF53 Moodle Stored Cross-site Scripting and page denial of service
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an Cross-site Scripting risk or a page failing to load...
Moodle Stored Cross-site Scripting and page denial of service
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an Cross-site Scripting risk or a page failing to load...
CVE-2022-40313
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load...
CVE-2022-40313
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load...
Default credentials
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load...