EUVD-2022-2723

Malicious code in bioql PyPI...

GHSA-6656-6QWX-4C2M Moodle XSS In Tag Autocomplete functionality

Cross-site scripting XSS vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Moodle XSS In Tag Autocomplete functionality

Cross-site scripting XSS vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

GHSA-468Q-9CMP-76WC Moodle does not consider the moodle/tag:edit capability before adding a tag

tag/tagautocomplete.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not consider the moodle/tag:edit capability before adding a tag, which allows remote authenticated users to bypass intended access restrictions via an AJAX request...

Bypass Access Restrictions

Moodle is vulnerable to bypassing of access restrictions. The bypass is possible because tag/tagautocomplete.php ignores the moodle/tag:edit capability before adding a tag, allowing any authenticated users to launch attack through an AJAX request...

Cross site scripting

Cross-site scripting XSS vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

[SECURITY] [DSA 2262-1] moodle security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2262-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 15, 2011 http://www.debian.org/security/faq -...

DSA-2262-1 moodle - several

Bulletin has no description...

Debian DSA-2262-1 : moodle - several vulnerabilities

Several cross-site scripting and information disclosure issues have been fixed in Moodle, a course management system for online learning : - MSA-11-0002 Cross-site request forgery vulnerability in RSS block - MSA-11-0003 Cross-site scripting vulnerability in tag autocomplete - MSA-11-0008 IMS...

[SECURITY] [DSA 2262-1] moodle security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2262-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 15, 2011 http://www.debian.org/security/faq -...