5 matches found
Moodle cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary...
CVE-2015-0212
Cross-site scripting XSS vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary...
Cross site scripting
Cross-site scripting XSS vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary...
CVE-2015-0212
Cross-site scripting XSS vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary...
CVE-2015-0212
CVE-2015-0212 : In Moodle, a cross-site scripting (XSS) flaw exists in the course/pending.php page that enables remote authenticated users to inject arbitrary script/HTML via a crafted course summary. Affected Moodle versions include 2.5.9 and the 2.6, 2.7, and 2.8 branches before their fixed poi...