3 matches found
Moodle CMS 3.5.x < 3.5.2, 3.4.x < 3.4.5, and < 3.3.8 XSS Vulnerability - Windows
Moodle CMS is prone to a reflected cross-site scripting XSS vulnerability. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...
CVE-2018-14631
moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user...
CVE-2018-14631
CVE-2018-14631 affects Moodle before versions 3.5.2, 3.4.5, and 3.3.8. The vulnerability arises in the Boost theme’s blog search: the GET parameter used for search is not sufficiently filtered, and the breadcrumb navigation rendered for search results can be exploited to perform a reflected Cross...