Lucene search
Veracode Vulnerability DatabaseVERACODE:4348HistoryJun 01, 2017 - 6:40 a.m.
Cross-site Scripting (XSS)
2017-06-0106:40:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.001
Percentile
45.6%
Moodle is susceptible to cross-site scripting (XSS) attacks. The attacks are possible because it does not sanitize the idnumber parameter in cohort/edit.php, allowing malicious authenticated users to input arbitrary web script or HTML through it.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31691
openwall.com/lists/oss-security/2012/05/23/2
osvdb.org/82072
github.com/moodle/moodle/commit/4022860ea823b302ee60ddc37d0d9321b1961a83
github.com/moodle/moodle/commit/ad520779df8284958195494b23b12ec1c7387741
github.com/moodle/moodle/commit/eb9d9965767c7fd88db2e09935fe7431ec9e3e87
moodle.org/mod/forum/discuss.php?d=203055
security-tracker.debian.org/tracker/CVE-2012-2365
Related
nvd
nvd
CVE-2012-2365
2012-07-21 03:38:56
CVE-2012-3396
2012-07-23 21:55:04
ubuntucve
ubuntucve
CVE-2012-2365
2012-07-21 00:00:00
CVE-2012-3396
2012-07-23 00:00:00
cve
cve
CVE-2012-2365
2012-07-21 03:38:56
CVE-2012-3396
2012-07-23 21:55:04
prion
prion
Cross site scripting
2012-07-21 03:38:00
Cross site scripting
2012-07-23 21:55:00
cvelist
cvelist
CVE-2012-2365
2012-07-21 01:00:00
CVE-2012-3396
2012-07-23 21:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2017-07-20 08:58:18
nessus
nessus
Fedora 15 : moodle-1.9.18-1.fc15 (2012-8365)
2012-06-04 00:00:00
Fedora 16 : moodle-2.0.9-1.fc16 (2012-8325)
2012-06-04 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2012-8284
2012-08-30 00:00:00
Fedora Update for moodle FEDORA-2012-8325
2012-06-04 00:00:00
Fedora Update for moodle FEDORA-2012-8365
2012-06-04 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: moodle-2.2.3-1.fc17
2012-06-01 17:01:55
[SECURITY] Fedora 16 Update: moodle-2.0.9-1.fc16
2012-06-02 03:57:50
[SECURITY] Fedora 15 Update: moodle-1.9.18-1.fc15
2012-06-02 03:58:35