Lucene search
K

4 matches found

OSV
OSV
added 2024/03/06 11:9 a.m.21 views

BIT-MOODLE-2021-32478

The redirect URI in the LTI authorization endpoint required extra sanitizing to prevent reflected XSS and open redirect risks. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8 and earlier unsupported versions are affected...

6.1CVSS6.4AI score0.01157EPSS
Exploits0References2
Redos
Redos
added 2021/09/08 12:0 a.m.14 views

ROS-2-1246

2.1246 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.8CVSS8.4AI score0.01236EPSS
Exploits1
Redos
Redos
added 2021/09/08 12:0 a.m.16 views

ROS-2-845

2.845 Multiple vulnerabilities in Moodle CVE-2021-32472 - CVE-2021-32478 1. Vulnerability Description: CVE-2021-32478 A vulnerability exists due to insufficient cleansing of user-provided data at the LTI authorization endpoint. A remote attacker could trick a victim into clicking a specially...

7.5CVSS8.4AI score0.04006EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/07/06 12:0 a.m.20 views

Moodle < 3.8.9, 3.9.x < 3.9.7, 3.10.x < 3.10.4 XSS Vulnerability

Moodle is prone to a cross-site scripting XSS vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

6.1CVSS6.1AI score0.01157EPSS
Exploits0References1
Rows per page
Query Builder