5 matches found
CVE-2021-47857
Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. Attackers can craft a calendar event with malicious JavaScript in the subtitle track label to execute arbitrary code when users view the...
CVE-2021-47857
CVE-2021-47857 affects Moodle 3.10.3 and is a persistent cross-site scripting (XSS) vulnerability in the calendar event subtitle field. The underlying issue allows an attacker to inject malicious JavaScript into the subtitle track label of a crafted calendar event, with code execution possible wh...
CVE-2021-47857
Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. Attackers can craft a calendar event with malicious JavaScript in the subtitle track label to execute arbitrary code when users view the...
CVE-2021-47857 Moodle 3.10.3 - 'label' Persistent Cross Site Scripting
Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. Attackers can craft a calendar event with malicious JavaScript in the subtitle track label to execute arbitrary code when users view the...
EUVD-2026-3616
Moodle 3.10.3 contains a persistent cross-site scripting vulnerability in the calendar event subtitle field that allows attackers to inject malicious scripts. Attackers can craft a calendar event with malicious JavaScript in the subtitle track label to execute arbitrary code when users view the...