Lucene search
Veracode Vulnerability DatabaseVERACODE:46036HistoryMar 27, 2024 - 7:53 a.m.
HTML Injection
2024-03-2707:53:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
moodle
html injection
vulnerability
chat activity
harmful elements
moodle/moodle is vulnerable to HTML Injection. The vulnerability due to Moodle’s support for HTML code insertion within the Chat activity, which allows students to insert potentially harmful HTML elements that could lead to performance degradation.
References
docs.moodle.org/403/en/Using_Chat
gist.githubusercontent.com/minendie/4f23174687bc4d8eb7f727d9959b5399/raw/9ce573cebcce5521d9d6f826ab68f3780036b874/CVE-2024-28593.txt
github.com/advisories/GHSA-f6mh-79vh-2hv7
medium.com/%40lamscun/how-do-i-change-htmli-from-low-to-critical-your-email-box-is-safe-e7171efd88fe
medium.com/@lamscun/how-do-i-change-htmli-from-low-to-critical-your-email-box-is-safe-e7171efd88fe
Related
osv
osv
UBUNTU-CVE-2024-28593
2024-09-23 00:00:00
Cross-site Scripting in Moodle Chat
2024-03-22 15:31:07
nvd
nvd
CVE-2024-28593
2024-03-22 15:15:15
cve
cve
CVE-2024-28593
2024-03-22 15:15:15
vulnrichment
vulnrichment
CVE-2024-28593
2024-03-22 00:00:00
cvelist
cvelist
CVE-2024-28593
2024-03-22 00:00:00
github
github
Cross-site Scripting in Moodle Chat
2024-03-22 15:31:07