2 matches found
Moodle Cross-Site Scripting Vulnerability
Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. Moodle suffers from a cross-site scripting vulnerability that stems from insufficient data cleanup when executing a recovery,...
Schedule recovery DOS by front-running with original schedule recovery transaction if no other transaction is executed
Lines of code Vulnerability details Description If after scheduling a recovery no transaction is executed, anyone can DOS the execution of this scheduled recovery by a signature replay attack given that the nonce is not increased Impact DOS of scheduled recovery execution if after a recovery is...