SUSE CVE-2015-3178

Cross-site scripting XSS vulnerability in the externalformattext function in lib/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML into an external application via a...

UBUNTU-CVE-2015-3274

Cross-site scripting XSS vulnerability in the usergetuserdetails function in user/lib.php in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allows remote attackers to inject arbitrary web script or HTML by leveraging absence of an externalformattext call in ...

The vulnerability of the Moodle learning management system allows a hacker to inject arbitrary web or HTML code.

The vulnerability of the externalformattext function in the lib/externallib.php component of the Moodle learning management system exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to inject any desired web or...

Moodle 'lib/externallib.php' Cross-Site Scripting Vulnerability

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A cross-site scripting vulnerability exists in the 'externalformattext' function in the Moodle 'lib/externallib.php' script. A remote...

UBUNTU-CVE-2015-3178

Cross-site scripting XSS vulnerability in the externalformattext function in lib/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML into an external application via a...