12 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-25702
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
BIT-MOODLE-2020-25702
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
Cross-site Scripting (XSS) in moodle
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
GHSA-PGCP-M69H-P2GR Cross-site Scripting (XSS) in moodle
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
Cross-Site Scripting (XSS)
moodle/moodle is vulnerable to cross-site scripting XSS. An attacker is able to inject and execute arbitrary Javascript in a user's browser by storing malicious code when renaming content bank items, which would render when a victim views the bank items...
CVE-2020-25702
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
CVE-2020-25702
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
Code injection
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
CVE-2020-25702
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
UBUNTU-CVE-2020-25702
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
CVE-2020-25702
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10...
PT-2020-16164 · Moodle +1 · Moodle +1
Name of the Vulnerable Software and Affected Versions: Moodle versions 3.9 through 3.9.2 Description: The issue allowed including JavaScript when re-naming content bank items. This is fixed in Moodle versions 3.9.3 and 3.10. Recommendations: For versions 3.9 through 3.9.2, update to version 3.9.3...