Lucene search
Veracode Vulnerability DatabaseVERACODE:4546HistoryJul 07, 2017 - 7:09 a.m.
Cross-site Scripting (XSS)
2017-07-0707:09:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Moodle is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary script through the conditional access rule value of a user field as the input is not properly escaped in that field.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | 2.4.4 | |
| moodle/moodle | le | 2.5.0 |
Related
prion
prion
Cross site scripting
2013-07-29 13:59:00
ubuntucve
ubuntucve
CVE-2013-2244
2013-07-29 00:00:00
cve
cve
CVE-2013-2244
2013-07-29 13:59:00
openvas
openvas
Fedora Update for moodle FEDORA-2013-12964
2013-08-20 00:00:00
Mageia: Security Advisory (MGASA-2013-0217)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2013-12964
2013-08-20 00:00:00
nessus
nessus
Fedora 18 : moodle-2.3.8-2.fc18 (2013-12950)
2013-07-23 00:00:00
Fedora 17 : moodle-2.2.11-1.fc17 (2013-13252)
2013-07-31 00:00:00
Fedora 19 : moodle-2.4.5-2.fc19 (2013-12964)
2013-07-23 00:00:00
mageia
mageia
Updated moodle package fixes multiple security vulnerabilities
2013-07-21 12:38:57
fedora
fedora
[SECURITY] Fedora 19 Update: moodle-2.4.5-2.fc19
2013-07-23 01:09:09
[SECURITY] Fedora 17 Update: moodle-2.2.11-1.fc17
2013-07-30 17:43:47
[SECURITY] Fedora 18 Update: moodle-2.3.8-2.fc18
2013-07-23 01:08:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related for VERACODE:4546