Lucene search
Veracode Vulnerability DatabaseVERACODE:4618HistoryJul 20, 2017 - 8:27 a.m.
Arbitrary Web Script Or HTML Injection
2017-07-2008:27:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.001
Percentile
47.7%
Moodle is susceptible to arbitrary web script or HTML injection attacks. The attacks can be triggered because repository renaming setting for administrator is not filtered, allowing authenticated administrators to inject the arbitrary script through it.
References
git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-33808
openwall.com/lists/oss-security/2012/07/17/1
secunia.com/advisories/49890
www.securityfocus.com/bid/54481
exchange.xforce.ibmcloud.com/vulnerabilities/76959
git.moodle.org/gw?p=moodle.git;a=commit;h=217926aaa14fb672e8eb2c660637cca87dfbf402
Related
prion
prion
Cross site scripting
2012-07-23 21:55:00
ubuntucve
ubuntucve
CVE-2012-3393
2012-07-23 00:00:00
cve
cve
CVE-2012-3393
2012-07-23 21:55:04
nvd
nvd
CVE-2012-3393
2012-07-23 21:55:04
cvelist
cvelist
CVE-2012-3393
2012-07-23 21:00:00
nessus
nessus
Moodle 2.1.x < 2.1.7 Multiple Vulnerabilities
2016-07-21 00:00:00
Moodle 2.2.x < 2.2.4 Multiple Vulnerabilities
2016-07-21 00:00:00
Fedora 17 : moodle-2.2.4-1.fc17 (2012-11039)
2012-08-02 00:00:00
openvas
openvas
Fedora Update for moodle FEDORA-2012-11028
2012-08-03 00:00:00
Fedora Update for moodle FEDORA-2012-11039
2012-08-30 00:00:00
Fedora Update for moodle FEDORA-2012-11039
2012-08-30 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: moodle-2.0.10-1.fc16
2012-08-01 22:27:44
[SECURITY] Fedora 17 Update: moodle-2.2.4-1.fc17
2012-08-01 22:28:41