8 matches found
SUSE CVE-2015-3178
Cross-site scripting XSS vulnerability in the externalformattext function in lib/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML into an external application via a...
Mageia: Security Advisory (MGASA-2015-0229)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moodle 2.8.x < 2.8.6 Multiple Vulnerabilities
Binary data 9425.prm...
Fedora 22 : moodle-2.8.7-1.fc22 (2015-14988)
moodle-2.8.7-1.fc22 - Latest upstream release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 21 : moodle-2.7.9-1.fc21 (2015-14996)
moodle-2.7.9-1.fc21 - 2.7.9. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
CVE-2015-3178
Cross-site scripting XSS vulnerability in the externalformattext function in lib/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML into an external application via a...
CVE-2015-3178
CVE-2015-3178 affects Moodle: the external_format_text function in lib/externallib.php is vulnerable in Moodle 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6. The issue allows remote authenticated users to inject arbitrary web script/HTML into an external application via a...
Updated moodle packages fix security vulnerabilities
Updated moodle package fixes security vulnerabilities: In Moodle before 2.6.11, leaving gradebook feedback is a trusted action and such capabilities in other modules already have an XSS mask, 'mod/quiz:grade' was missing this flag CVE-2015-3174. In Moodle before 2.6.11, some error messages displa...