7 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-26528
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The drag-and-drop onto image ddimageortext question type required additional sanitizing to prevent a stored XSS risk. CVE-2025-26528 Note that Nessus relies on...
BIT-MOODLE-2025-26528 Stored XSS in ddimageortext question type
The drag-and-drop onto image ddimageortext question type required additional sanitizing to prevent a stored XSS risk...
Cross-site Scripting (XSS)
Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the drag-and-drop onto image ddimageortext question type, due to missing sanitization. Details Cross-site scripting or XSS is a code vulnerability that occurs when an...
Moodle has a stored XSS in ddimageortext question type
The drag-and-drop onto image ddimageortext question type required additional sanitizing to prevent a stored XSS risk...
CVE-2025-26528
The drag-and-drop onto image ddimageortext question type required additional sanitizing to prevent a stored XSS risk...
CVE-2025-26528
The drag-and-drop onto image ddimageortext question type required additional sanitizing to prevent a stored XSS risk...
CVE-2025-26528
CVE-2025-26528 relates to Moodle’s drag-and-drop onto image (ddimageortext) question type. Multiple connected sources confirm a stored XSS risk that required additional sanitizing in this question type. The CVE description notes the need for sanitization to prevent stored XSS, and OSV/GHSA entrie...