Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

RedhatCVE
RedhatCVEadded 2025/10/22 12:11 a.m.5 views

CVE-2025-60506

Moodle PDF Annotator plugin v1.5 release 9 allows stored cross-site scripting XSS via the Public Comments feature. An attacker with a low-privileged account e.g., Student can inject arbitrary JavaScript payloads into a comment. When any other user Student, Teacher, or Admin views the annotated PD...

5.4CVSS5.9AI score0.00197EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/10/21 12:0 a.m.1 views

Moodle PDF Annotator plugin 安全漏洞

Moodle PDF Annotator plugin is an open source teaching plugin for Moodle. A security vulnerability exists in Moodle PDF Annotator plugin version 1.5 release 9, which stems from the public comments feature not properly filtering input and could lead to a stored cross-site scripting attack...

5.4CVSS5.9AI score0.00197EPSS
Exploits0References4
CVE
CVEadded 2025/10/21 12:0 a.m.9 views

CVE-2025-60506

CVE-2025-60506 affects Moodle PDF Annotator plugin v1.5 release 9, enabling stored XSS via Public Comments. A low-privilege user can inject JavaScript in a comment; when others view the annotated PDF, the payload runs in their browser, potentially causing session hijacking and credential theft. N...

5.4CVSS5.4AI score0.00197EPSS
Exploits0References3
Rows per page
Query Builder