Lucene search
K

5 matches found

OSV
OSV
added 2024/03/06 11:10 a.m.17 views

BIT-MOODLE-2021-27131

Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting XSS due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by...

5.4CVSS5.3AI score0.00686EPSS
Exploits1References4
OSV
OSV
added 2023/05/16 9:30 p.m.46 views

GHSA-W2PM-FR62-JGV4 Moodle vulnerable to stored Cross-site Scripting

Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting XSS due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability may lead an attacker to steal admin and all user account cookies by storin...

5.4CVSS5.3AI score0.00686EPSS
Exploits1References4
NVD
NVD
added 2023/05/16 8:15 p.m.30 views

CVE-2021-27131

Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting XSS due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by...

5.4CVSS5.2AI score0.00686EPSS
Exploits1References3
Prion
Prion
added 2023/05/16 8:15 p.m.17 views

Cross site scripting

DISPUTED Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting XSS due to the improper input sanitization on the "Additional HTML Section" via "Header and Footer" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookie...

4.9CVSS5.1AI score0.00686EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2021/01/28 7:15 p.m.23 views

CVE-2021-20183

It was found in Moodle before version 3.10.1 that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries...

5.4CVSS5.3AI score0.00816EPSS
Exploits0References1
Rows per page
Query Builder