Lucene search
K

27433 matches found

OSV
OSV
added 2022/05/13 1:12 a.m.38 views

GHSA-75C6-XQWR-V2R9 Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the quizquestiontostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question...

3.5CVSS5AI score0.00967EPSS
Exploits0References9
OSV
OSV
added 2022/05/13 1:12 a.m.22 views

GHSA-CH68-5R37-P7C3 Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.3AI score0.01832EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.20 views

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01832EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.31 views

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the quizquestiontostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question...

3.5CVSS5.3AI score0.00967EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2022/05/13 1:12 a.m.18 views

GHSA-J6C3-3C4W-QV8P Moodle cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by 1 providing a crafted playerId or 2 referencing a...

4.3CVSS5.6AI score0.02405EPSS
Exploits0References13
OSV
OSV
added 2022/05/13 1:12 a.m.20 views

GHSA-6922-5V25-P8JG Moodle multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the SCORM module in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allow remote attackers to inject arbitrary web script or HTML via a crafted organization name to 1 mod/scorm/player.php or 2...

6.1CVSS6.2AI score0.01465EPSS
Exploits0References10
OSV
OSV
added 2022/05/13 1:12 a.m.15 views

GHSA-5729-822W-J342 Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in group/overview.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to inject arbitrary web script or HTML via a modified grouping description...

5.4CVSS5.4AI score0.0117EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.23 views

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in group/overview.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to inject arbitrary web script or HTML via a modified grouping description...

5.4CVSS5.6AI score0.0117EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.20 views

Moodle multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the SCORM module in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allow remote attackers to inject arbitrary web script or HTML via a crafted organization name to 1 mod/scorm/player.php or 2...

6.1CVSS5.6AI score0.01465EPSS
Exploits0References10Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.20 views

Moodle multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey...

5.4CVSS5.7AI score0.0087EPSS
Exploits0References11Affected Software1
OSV
OSV
added 2022/05/13 1:12 a.m.24 views

GHSA-GRVW-QQ2J-R898 Moodle multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the survey module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 allow remote authenticated users to inject arbitrary web script or HTML by leveraging the student role and entering a crafted survey...

5.4CVSS5.7AI score0.0087EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.26 views

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the externalformattext function in lib/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to inject arbitrary web script or HTML into an external application via a...

3.5CVSS5.2AI score0.01459EPSS
Exploits0References13Affected Software1
OSV
OSV
added 2022/05/13 1:12 a.m.15 views

GHSA-CP39-43XR-2WRP Moodle XSS Vulnerability

Multiple cross-site scripting XSS vulnerabilities in lib/javascript-static.js in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allow remote authenticated users to inject arbitrary web script or HTML via a 1 alt or 2 title attribute in an IMG element...

3.5CVSS5AI score0.03285EPSS
Exploits5References6
OSV
OSV
added 2022/05/13 1:12 a.m.17 views

GHSA-W77V-XPXR-C6PV Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in mod/quiz/report/statistics/statisticsquestiontable.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...

3.5CVSS4.9AI score0.01459EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.23 views

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in mod/quiz/report/statistics/statisticsquestiontable.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a...

3.5CVSS5.3AI score0.01459EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2022/05/13 1:12 a.m.15 views

GHSA-JJ3J-MHGC-G4M4 Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary...

3.5CVSS4.9AI score0.01459EPSS
Exploits0References9
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.36 views

Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary...

3.5CVSS5.2AI score0.01459EPSS
Exploits0References9Affected Software1
OSV
OSV
added 2022/05/13 1:12 a.m.16 views

GHSA-J4MR-VC54-H5PC Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse...

3.5CVSS5AI score0.01455EPSS
Exploits0References11
OSV
OSV
added 2022/05/13 1:12 a.m.21 views

GHSA-M8F5-9WG8-2C3H Moodle multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in the advanced-grading implementation in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote authenticated users to inject arbitrary web script or HTML via a crafted 1...

3.5CVSS5AI score0.01749EPSS
Exploits0References23
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.25 views

Moodle multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via vectors that trigger an AJAX exception dialog...

4.3CVSS5.7AI score0.01832EPSS
Exploits0References10Affected Software1
Rows per page
Query Builder