Lucene search
K

5 matches found

OSV
OSV
added 2026/01/21 6:16 p.m.4 views

CVE-2021-47857

Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. Attackers can craft a calendar event with malicious JavaScript in the subtitle track label to execute arbitrary code when users view the...

6.1CVSS6AI score
Exploits0References3
CVE
CVE
added 2026/01/21 5:27 p.m.37 views

CVE-2021-47857

CVE-2021-47857 affects Moodle 3.10.3 and is a persistent cross-site scripting (XSS) vulnerability in the calendar event subtitle field. The underlying issue allows an attacker to inject malicious JavaScript into the subtitle track label of a crafted calendar event, with code execution possible wh...

7.2CVSS5.6AI score0.00309EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/21 5:27 p.m.3 views

CVE-2021-47857

Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. Attackers can craft a calendar event with malicious JavaScript in the subtitle track label to execute arbitrary code when users view the...

7.2CVSS5.6AI score0.00309EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/21 5:27 p.m.5 views

CVE-2021-47857 Moodle 3.10.3 - 'label' Persistent Cross Site Scripting

Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. Attackers can craft a calendar event with malicious JavaScript in the subtitle track label to execute arbitrary code when users view the...

7.2CVSS5.6AI score0.00309EPSS
Exploits1References3
EUVD
EUVD
added 2026/01/21 5:27 p.m.3 views

EUVD-2026-3616

Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. Attackers can craft a calendar event with malicious JavaScript in the subtitle track label to execute arbitrary code when users view the...

7.2CVSS5.6AI score0.00309EPSS
Exploits1References5
Rows per page
Query Builder