3 matches found
Cross-site Scripting (XSS)
Moodle is vulnerable to cross-site scripting XSS attacks. A malicious user can inject and execute arbitrary web script through the $searchcourse parameter in mod/feedback/mapcourse.php...
Cross site scripting
Cross-site scripting XSS vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse...
CVE-2014-7830
CVE-2014-7830 is a cross-site scripting (XSS) vulnerability in Moodle’s Feedback module (mod/feedback/mapcourse.php) that affects Moodle up to certain versions. Specifically, Moodle 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote authenticated users to inject a...