Lucene search
Veracode Vulnerability DatabaseVERACODE:4693HistoryJul 26, 2017 - 6:27 a.m.
Cross-Site Scripting (XSS)
2017-07-2606:27:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
EPSS
0.002
Percentile
59.5%
Moodle is vulnerable to cross-site scripting (XSS) attacks. The attacks are possible because search_pagination() function in course/classes/management_renderer.php does not sanitized the search string in course management interface.
References
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52552
lists.fedoraproject.org/pipermail/package-announce/2016-February/176502.html
lists.fedoraproject.org/pipermail/package-announce/2016-January/176436.html
www.openwall.com/lists/oss-security/2016/01/18/1
www.securitytracker.com/id/1034694
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-52552
moodle.org/mod/forum/discuss.php?d=326206
Related
cvelist
cvelist
CVE-2016-0725
2016-02-22 02:00:00
github
github
Moodle Cross-site scripting (XSS) vulnerability in course management search
2022-05-13 01:12:38
osv
osv
Moodle Cross-site scripting (XSS) vulnerability in course management search
2022-05-13 01:12:38
prion
prion
Cross site scripting
2016-02-22 05:59:00
nvd
nvd
CVE-2016-0725
2016-02-22 05:59:22
ubuntucve
ubuntucve
CVE-2016-0725
2016-02-22 00:00:00
cve
cve
CVE-2016-0725
2016-02-22 05:59:22
openvas
openvas
Fedora Update for moodle FEDORA-2016-1
2016-02-05 00:00:00
Mageia: Security Advisory (MGASA-2016-0029)
2016-01-21 00:00:00
nessus
nessus
FreeBSD : moodle -- multiple vulnerabilities (2d299950-ddb0-11e5-8fa8-14dae9d210b8)
2016-02-29 00:00:00
Fedora 23 : moodle-2.9.4-1.fc23 (2016-1c10ab3c35)
2016-03-04 00:00:00
Fedora 22 : moodle-2.8.10-1.fc22 (2016-fb2597f4eb)
2016-03-04 00:00:00
mageia
mageia
Updated moodle packages fix security vulnerability
2016-01-20 20:53:26
freebsd
freebsd
moodle -- multiple vulnerabilities
2016-01-18 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: moodle-2.9.4-1.fc23
2016-01-30 18:28:59
[SECURITY] Fedora 22 Update: moodle-2.8.10-1.fc22
2016-02-01 06:35:55