4 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-36398
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk. CVE-2021-36398 Note that Nessus relie...
Moodle 4.2.x < 4.2.1 XSS Risk on groups page
According to its self-reported version, the Moodle install hosted on the remote host is 3.11.x prior to 3.11.15, 4.0.x prior to 4.0.9, 4.1.x prior to 4.1.4 or 4.2.x prior to 4.2.1. It is, therefore, affected by a Cross-Site Scripting in content on the groups page. Note that the scanner has not...
CVE-2013-4525
Cross-site scripting XSS vulnerability in mod/quiz/report/responses/responsestable.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an answer to a text-based quiz question...
Moodle 1.1/1.2 - Cross-Site Scripting
source: https://www.securityfocus.com/bid/10251/info It has been reported that Moodle is susceptible to a cross-site scripting vulnerability in the 'help.php' script. This issue is due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamic web...