14 matches found
EUVD-2017-18211
Malware in sbrugna...
EUVD-2022-3743
Malicious code in bioql PyPI...
Moodle allows attackers to obtain sensitive information
The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/overrideform.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain...
GHSA-FC5P-VJ3H-X7G4 Moodle allows attackers to obtain sensitive information
The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/overrideform.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain...
Micro Focus NetIQ Identity Reporting Cross-Site Scripting Vulnerability
Micro Focus NetIQ Identity Reporting is a suite of identity reporting modules for use in NetIQ Identity Manager from Micro Focus UK. A security vulnerability exists in versions prior to Micro Focus NetIQ Identity Reporting 5.5 Service Pack 1. An attacker could exploit the vulnerability to inject...
CVE-2017-9275
NetIQ Identity Reporting, in versions prior to 5.5 Service Pack 1, is susceptible to an XSS attack...
CVE-2017-9275
NetIQ Identity Reporting, in versions prior to 5.5 Service Pack 1, is susceptible to an XSS attack...
Design/Logic Flaw
NetIQ Identity Reporting, in versions prior to 5.5 Service Pack 1, is susceptible to an XSS attack...
CVE-2017-9275
NetIQ Identity Reporting is affected by a Cross-Site Scripting (XSS) vulnerability in versions prior to 5.5 Service Pack 1. Connected sources confirm the affected product and version range; no exploit details are provided. Remediation is to upgrade to 5.5 Service Pack 1 or later. The documents do...
CVE-2017-9275 NetIQ Identity Reporting XSS exposure
NetIQ Identity Reporting, in versions prior to 5.5 Service Pack 1, is susceptible to an XSS attack...
CVE-2014-0124
The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/overrideform.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain...
Code injection
The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/overrideform.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain...
CVE-2014-0124
The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/overrideform.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain...
CVE-2014-0124
The identity-reporting implementations in mod/forum/renderer.php and mod/quiz/overrideform.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 do not properly restrict the display of e-mail addresses, which allows remote authenticated users to obtain...