Lucene search
K

29 matches found

NVD
NVD
added 2015/04/21 4:59 p.m.18 views

CVE-2015-3344

Cross-site scripting XSS vulnerability in the Course module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

3.5CVSS5.3AI score0.00965EPSS
Exploits0References5
Prion
Prion
added 2015/04/21 4:59 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Course module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title...

3.5CVSS5.7AI score0.00965EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2015/04/21 4:0 p.m.37 views

CVE-2015-3344

The CVE-2015-3344 issue affects the Drupal Course module (versions 6.x-1.x prior to 6.x-1.2 and 7.x-1.x prior to 7.x-1.4). The underlying problem is insufficient filtering of node title displays, enabling remote authenticated users to inject arbitrary script/HTML via a node title (XSS). Affected ...

3.5CVSS5.4AI score0.00965EPSS
Exploits0References5Affected Software1
Drupal
Drupal
added 2015/01/07 12:0 a.m.23 views

SA-CONTRIB-2015-002 - Course - Cross Site Scripting (XSS)

Course module enables you to create e-learning courses with any number of requirements for completion. The module doesn't sufficiently filter node title displays when being used in a course. This vulnerability is mitigated by the fact that an attacker must have a role with the permission to creat...

3.5CVSS6.3AI score0.00965EPSS
Exploits0References11
NVD
NVD
added 2013/12/05 6:55 p.m.33 views

CVE-2013-6267

Multiple cross-site scripting XSS vulnerabilities in Claroline before 1.11.9 allow remote attackers to inject arbitrary web script or HTML via the 1 box parameter to messaging/messagebox.php, cidToEdit parameter to 2 adminregisteruser.php or 3 adminusercoursesettings.php in admin/, 4 moduleid...

4.3CVSS5.7AI score0.01379EPSS
Exploits3References7
UbuntuCve
UbuntuCve
added 2006/09/23 12:7 a.m.39 views

CVE-2006-4936

Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors...

10CVSS5.9AI score0.01478EPSS
Exploits0References1
NVD
NVD
added 2006/09/23 12:7 a.m.22 views

CVE-2006-4936

Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors...

10CVSS6.7AI score0.01478EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/09/23 12:0 a.m.27 views

CVE-2006-4936

Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object, which has unspecified impact and remote attack vectors...

6.7AI score0.01478EPSS
Exploits0References1
CVE
CVE
added 2006/09/23 12:0 a.m.56 views

CVE-2006-4936

Moodle before 1.6.2 does not properly validate the module instance id when creating a course module object. Affects Moodle prior to 1.6.2; underlying cause is improper validation. Impact is described as unspecified, with remote attack vectors mentioned in the provided materials; no remediation de...

10CVSS6.7AI score0.01478EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder