Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

44 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2026/05/12 2:59 a.m.4 views

Malicious code in @uipath/aops-policy-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e3ffa653b190d1fd6f355664623366bda5832396e46eb577a6da7e729d642ca5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSVadded 2026/05/12 2:59 a.m.2 views

MAL-2026-3528 Malicious code in @uipath/aops-policy-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e3ffa653b190d1fd6f355664623366bda5832396e46eb577a6da7e729d642ca5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References6
OSV
OSVadded 2026/02/12 8:51 a.m.3 views

BIT-MOODLE-2025-67855 Mooodle: mooodle: information disclosure and script execution via reflected cross-site scripting

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

6.1CVSS6AI score0.00031EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/02/05 12:0 a.m.2 views

Tanium Enforce 安全漏洞

Tanium Enforce is a terminal policy and configuration management module provided by the American company Tanium. Tanium Enforce has a security vulnerability, which stems from improper link resolution before file access...

5CVSS5.8AI score0.00005EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2026/02/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-67855

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerabilit...

6.1CVSS6AI score0.00031EPSS
Exploits0References2
OSV
OSVadded 2026/02/03 12:30 p.m.2 views

GHSA-VWHW-VP9V-Q9C9 Moodle vulnerable to Cross-site Scripting

A flaw was found in Moodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

5.4CVSS5.9AI score0.00031EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2026/02/03 12:30 p.m.4 views

Moodle vulnerable to Cross-site Scripting

A flaw was found in Moodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

6.1CVSS5.8AI score0.00031EPSS
Exploits0References6Affected Software1
Snyk
Snykadded 2026/02/03 12:30 p.m.1 views

Cross-site Scripting (XSS)

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via insufficient sanitization of URL parameters in the policy tool return URL. An attacker can execute arbitrary client-side scripts or disclose sensitive information by...

6.1CVSS5.4AI score0.00031EPSS
Exploits0References2
NVD
NVDadded 2026/02/03 11:15 a.m.3 views

CVE-2025-67855

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

6.1CVSS0.00031EPSS
Exploits0References2
OSV
OSVadded 2026/02/03 11:15 a.m.1 views

CVE-2025-67855

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

6.1CVSS6AI score0.00031EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2026/02/03 11:15 a.m.0 views

CVE-2025-67855

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

6.1CVSS6.1AI score0.00031EPSS
Exploits0References3
OSV
OSVadded 2026/02/03 11:15 a.m.0 views

UBUNTU-CVE-2025-67855

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

6.1CVSS6.1AI score0.00031EPSS
Exploits0References4
CVE
CVEadded 2026/02/03 10:52 a.m.9 views

CVE-2025-67855

CVE-2025-67855 describes a reflected Cross-Site Scripting (XSS) vulnerability in Moodle’s policy tool return URL. The flaw results from insufficient sanitization of URL parameters, allowing a remote attacker to inject scripts via crafted links. Consequences cited in the documents include informat...

6.1CVSS5.8AI score0.00031EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/03 10:52 a.m.1 views

CVE-2025-67855 Mooodle: mooodle: information disclosure and script execution via reflected cross-site scripting

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

5.4CVSS5.8AI score0.00031EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/02/03 10:52 a.m.22 views

CVE-2025-67855 Mooodle: mooodle: information disclosure and script execution via reflected cross-site scripting

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

5.4CVSS0.00031EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/02/03 10:52 a.m.3 views

CVE-2025-67855

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

5.4CVSS5.8AI score0.00031EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2026/02/03 12:0 a.m.2 views

PT-2026-5963

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This issue stems from inadequate sanitization of URL parameters, enabling...

6.1CVSS6AI score0.00031EPSS
Exploits0References10
Positive Technologies
Positive Technologiesadded 2026/02/03 12:0 a.m.2 views

PT-2026-6490

A flaw was found in Moodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

5.4CVSS5.9AI score0.00031EPSS
Exploits0References7
OSV
OSVadded 2026/01/26 2:49 p.m.2 views

BIT-MOODLE-2025-3643 Moodle: reflected xss risk in policy tool

A flaw was found in Moodle. The return URL in the policy tool required additional sanitizing to prevent a reflected Cross-site scripting XSS risk...

5.4CVSS5.8AI score0.0013EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/12/19 1:44 p.m.2 views

CVE-2025-67855

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting XSS vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links...

5.5AI score0.00031EPSS
Exploits0References2
Rows per page
Query Builder