Lucene search
K

8 matches found

Nuclei
Nuclei
added 14 hours ago983 views

Moodle LTI module Reflected - Cross-Site Scripting

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's brows...

6.1CVSS6.4AI score0.03747EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3532

Malicious code in bioql PyPI...

5CVSS6.4AI score0.02118EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-4602

Malicious code in bioql PyPI...

4CVSS6.3AI score0.01712EPSS
Exploits0References11
VulnCheck KEV
VulnCheck KEV
added 2024/02/15 12:0 a.m.5 views

VulnCheck KEV: CVE-2022-35653

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's...

6.1CVSS6.4AI score0.03747EPSS
Exploits0References1
OSV
OSV
added 2022/07/25 4:15 p.m.28 views

CVE-2022-35653

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's brows...

6.1CVSS6.1AI score
Exploits0References5
UbuntuCve
UbuntuCve
added 2022/07/25 4:15 p.m.149 views

CVE-2022-35653

A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's brows...

6.1CVSS6.4AI score0.03747EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2014/11/24 11:59 a.m.20 views

CVE-2014-7836

Multiple cross-site request forgery CSRF vulnerabilities in the LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allow remote attackers to hijack the authentication of arbitrary users for a 1 mod/lti/requesttool.php or 2...

6.8CVSS6AI score0.01006EPSS
Exploits0References2
Prion
Prion
added 2014/11/24 11:59 a.m.14 views

Code injection

The LTI module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not properly restrict the parameters used in a return URL, which allows remote attackers to trigger the generation of arbitrary messages via a modified URL, related to mod/lti/locallib.php...

5CVSS7.2AI score0.02118EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder