Lucene search
Veracode Vulnerability DatabaseVERACODE:40726HistoryMay 30, 2023 - 8:09 a.m.
Cross-Site Scripting (XSS)
2023-05-3008:09:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
25.1%
moodle/moodle is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of sanitization in the Header and Footer parameter in settings.php which allows an attacker to inject and execute arbitrary JavaScript into the browser.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | v4.2.0 | |
| moodle/moodle | le | v4.2.0 |
Related
cnvd
cnvd
Moodle cross-site scripting vulnerability (CNVD-2023-43862)
2023-05-30 00:00:00
prion
prion
Cross site scripting
2023-05-16 20:15:00
osv
osv
BIT-moodle-2021-27131
2024-03-06 11:10:34
Moodle vulnerable to stored Cross-site Scripting
2023-05-16 21:30:23
ubuntucve
ubuntucve
CVE-2021-27131
2023-05-16 00:00:00
cvelist
cvelist
CVE-2021-27131
2023-05-16 00:00:00
cve
cve
CVE-2021-27131
2023-05-16 20:15:08
github
github
Moodle vulnerable to stored Cross-site Scripting
2023-05-16 21:30:23
openvas
openvas
Moodle 3.10.x <= 3.10.11 Multiple Vulnerabilities
2023-10-25 00:00:00