Lucene search
K

27 matches found

Vulnrichment
Vulnrichment
added 2022/11/28 12:0 a.m.7 views

CVE-2022-46147 Drag and Drop XBlock v2 has XSS Issues in Xblock Input Fields

Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag items to zones on a target image. Versions prior to 3.0.0 are vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that has deployed the XBlock may be impacted. Version 3.0.0 contai...

8.4CVSS6.4AI score0.00806EPSS
Exploits1References4
CVE
CVE
added 2022/11/28 12:0 a.m.73 views

CVE-2022-46147

CVE-2022-46147 concerns the Drag and Drop XBlock v2 used with Open edX. The vulnerability is an XSS issue in multiple XBlock Fields that affects versions prior to 3.0.0. The 3.0.0 release contains a patch to address the issue. There are no explicit exploit details or known workarounds reported in...

8.4CVSS6.4AI score0.00806EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2022/11/28 12:0 a.m.4 views

Drag and Drop XBlock v2 跨站脚本漏洞

Drag and Drop XBlock v2 is an Open edX open source SDK package for online education sites. Implements a drag and drop problem where the learner must drag items to areas on the target image. A cross-site scripting vulnerability exists in Drag and Drop XBlock v2 versions prior to 3.0.0. An attacker...

8.4CVSS6.8AI score0.00806EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/11/28 12:0 a.m.33 views

CVE-2022-46147 Drag and Drop XBlock v2 has XSS Issues in Xblock Input Fields

Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag items to zones on a target image. Versions prior to 3.0.0 are vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that has deployed the XBlock may be impacted. Version 3.0.0 contai...

8.4CVSS8.2AI score0.00806EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/11/28 12:0 a.m.4 views

PT-2022-27763 · Unknown · Drag/Drop Xblock

Name of the Vulnerable Software and Affected Versions: Drag and Drop XBlock v2 versions prior to 3.0.0 Description: The issue affects the Drag and Drop XBlock v2, which implements a drag-and-drop style problem. It is vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that...

8.4CVSS6.4AI score0.00806EPSS
Exploits1References12
OSV
OSV
added 2022/11/28 12:0 a.m.35 views

CVE-2022-46147 Drag and Drop XBlock v2 has XSS Issues in Xblock Input Fields

Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag items to zones on a target image. Versions prior to 3.0.0 are vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that has deployed the XBlock may be impacted. Version 3.0.0 contai...

8.4CVSS6.4AI score0.00806EPSS
Exploits1References6
OSV
OSV
added 2019/08/21 4:15 p.m.13 views

GHSA-3J5X-7CCF-PPGM Cross-site scripting in recommender-xblock

Recommender before 1.3.1 allows XSS. It is possible for a learner to craft a fake resource to recommender, that includes script which could possibly steal credentials from staff if they are lured into viewing the recommended resource...

6.1CVSS6.2AI score0.00848EPSS
Exploits0References6
Rows per page
Query Builder