Lucene search
+L

153 matches found

NVD
NVD
added 2023/03/23 9:15 p.m.20 views

CVE-2023-28333

The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...

9.8CVSS9.5AI score0.01166EPSS
Exploits0References3
OSV
OSV
added 2023/03/23 9:15 p.m.2 views

UBUNTU-CVE-2023-28333

The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...

9.8CVSS6.4AI score0.01166EPSS
Exploits0References3
Prion
Prion
added 2023/03/23 9:15 p.m.24 views

Code injection

The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...

7.5CVSS9.4AI score0.01166EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/03/23 12:0 a.m.20 views

CVE-2023-28333 Moodle: pix helper potential mustache code injection risk

The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...

6.8AI score0.01166EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/03/23 12:0 a.m.30 views

CVE-2023-28333 Moodle: pix helper potential mustache code injection risk

The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...

9.7AI score0.01166EPSS
Exploits0References3
CVE
CVE
added 2023/03/23 12:0 a.m.103 views

CVE-2023-28333

CVE-2023-28333 describes a potential injection risk in Moodle’s Mustache pix helper when combined with user input. The description notes this did not appear to be implemented or exploitable in the core Moodle LMS. Connected documents corroborate exposure across multiple Moodle versions (3.11–4.2 ...

9.8CVSS9.4AI score0.01166EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/03/23 12:0 a.m.19 views

CVE-2023-28333 Moodle: pix helper potential mustache code injection risk

The Mustache pix helper contained a potential Mustache injection risk if combined with user input note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS...

9.8CVSS6.5AI score0.01166EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/03/21 12:0 a.m.6 views

Moodle 代码注入漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle. An attacker exploited the vulnerability to perform a Mustache injection attack...

9.8CVSS6.3AI score0.01166EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.95 views

Moodle 4.0.x < 4.0.4 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.17, 3.11.x prior to 3.11.10 or 4.0.x prior to 4.0.4. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS and page Denial of Service DoS vulnerabilities due to recursive rendering in...

9.8CVSS7.3AI score0.0159EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.31 views

Moodle 3.9.x < 3.9.16 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...

8.8CVSS8.9AI score0.00691EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.35 views

Moodle 3.11.x < 3.11.9 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...

8.8CVSS8.9AI score0.00691EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/02/20 12:0 a.m.37 views

Moodle 4.0.x < 4.0.3 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.16, 3.11.x prior to 3.11.9 or 4.0.x prior to 4.0.3. It is, therefore, affected by multiple vulnerabilities: - A vulnerable version of the Mustache template library included in Moodle. CVE-2022-0323 - A Cross-Site Request...

8.8CVSS8.9AI score0.00691EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:10 a.m.4 views

SUSE CVE-2015-8862

mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting XSS attacks by leveraging a template with an attribute that is not quoted...

6.1CVSS6.1AI score0.01427EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/10/21 12:0 a.m.11 views

The vulnerability of the implementation of the recursive rendering function for the Mustache helper components in the Moodle template system allows attackers to perform cross-site scripting attacks or cause service failures.

The vulnerability of the recursive rendering implementation of the Mustache helper components in the Mustache template system of the virtual training environment Moodle is related to improper validation of input data. Exploiting this vulnerability allows an attacker to perform cross-site scriptin...

7.5CVSS5.9AI score0.0054EPSS
Exploits0References9Affected Software3
Veracode
Veracode
added 2022/10/03 6:14 a.m.74 views

Cross-site Scripting (XSS)

moodle is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to a lack of sanitization of user input to a recursive lambda function rendering to the Mustache template helper renderer allowing an attacker to inject maliciously crafted script into the system...

7.1CVSS7AI score0.0054EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2022/10/01 12:0 a.m.16 views

GHSA-JQGR-GH62-JF53 Moodle Stored Cross-site Scripting and page denial of service

Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an Cross-site Scripting risk or a page failing to load...

7.1CVSS6.7AI score0.0054EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/10/01 12:0 a.m.25 views

Moodle Stored Cross-site Scripting and page denial of service

Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an Cross-site Scripting risk or a page failing to load...

7.1CVSS6.3AI score0.0054EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2022/09/30 5:15 p.m.29 views

CVE-2022-40313

Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load...

7.1CVSS0.0054EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2022/09/30 5:15 p.m.42 views

CVE-2022-40313

Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load...

7.1CVSS6.4AI score0.0054EPSS
Exploits0References1
Prion
Prion
added 2022/09/30 5:15 p.m.24 views

Default credentials

Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load...

6.8CVSS6.5AI score0.0054EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder