26 matches found
EUVD-2023-2935
Malicious code in bioql PyPI...
EUVD-2022-1331
Malicious code in bioql PyPI...
BIT-MOODLE-2021-32475
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...
BIT-MOODLE-2023-5546 Moodle: stored xss in quiz grading report via user id number
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
GHSA-9724-H8P7-R3JV Moodle Cross-site Scripting vulnerability
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
Moodle Cross-site Scripting vulnerability
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
UBUNTU-CVE-2023-5546
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
Cross site scripting
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
CVE-2023-5546 Moodle: stored xss in quiz grading report via user id number
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk...
PT-2023-32168 · Moodle +8 · Moodle +3
Name of the Vulnerable Software and Affected Versions: Software affected versions not specified Description: The issue concerns a stored XSS risk in the quiz grading report, where ID numbers were not properly sanitized. This could potentially allow for malicious script execution. Recommendations:...
SUSE CVE-2015-3174
mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISKXSS bit for graders, which allows remote authenticated users to conduct cross-site scripting XSS attacks via crafted gradebook feedback during manual quiz grading...
Moodle does not set the RISK_XSS bit for graders
mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISKXSS bit for graders, which allows remote authenticated users to conduct cross-site scripting XSS attacks via crafted gradebook feedback during manual quiz grading...
GHSA-6R7X-6Q98-QCQP Moodle does not set the RISK_XSS bit for graders
mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISKXSS bit for graders, which allows remote authenticated users to conduct cross-site scripting XSS attacks via crafted gradebook feedback during manual quiz grading...
GHSA-5WJH-V7C8-WRHX Moodle stored Cross-site Scripting
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...
CVE-2021-32475
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...
CVE-2021-32475
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...
UBUNTU-CVE-2021-32475
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk. Moodle 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected...