6 matches found
Chained Quiz < 1.3.2.5 - Submitted Quiz Response Deletion via CSRF
The plugin does not have CSRF checks when deleting submitted quiz response, which could allow attackers to make logged in admins perform such action via a CSRF attack...
Moodle cross-site scripting (XSS) vulnerability
Cross-site scripting XSS vulnerability in mod/quiz/report/statistics/statisticsquestiontable.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...
CVE-2015-2273
Cross-site scripting XSS vulnerability in mod/quiz/report/statistics/statisticsquestiontable.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...
Cross site scripting
Cross-site scripting XSS vulnerability in mod/quiz/report/statistics/statisticsquestiontable.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...
CVE-2015-2273
Cross-site scripting XSS vulnerability in mod/quiz/report/statistics/statisticsquestiontable.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...
UBUNTU-CVE-2015-2273
Cross-site scripting XSS vulnerability in mod/quiz/report/statistics/statisticsquestiontable.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...