Lucene search
Veracode Vulnerability DatabaseVERACODE:4740HistoryJul 27, 2017 - 3:18 a.m.
Cross-Site Scripting (XSS)
2017-07-2703:18:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.002
Percentile
54.0%
Moodle is vulnerable to cross-site scripting(XSS) attacks. The attacks are possible because the application does not use the RISK_XSS flag in mod/quiz/db/access.php, allowing attackers to use this loophole when providing gradebook feedback for manual quiz grading.
Related
ubuntucve
ubuntucve
CVE-2015-3174
2015-06-01 00:00:00
cvelist
cvelist
CVE-2015-3174
2015-06-01 19:00:00
github
github
Moodle does not set the RISK_XSS bit for graders
2022-05-13 01:12:45
nvd
nvd
CVE-2015-3174
2015-06-01 19:59:17
cve
cve
CVE-2015-3174
2015-06-01 19:59:17
prion
prion
Cross site scripting
2015-06-01 19:59:00
osv
osv
Moodle does not set the RISK_XSS bit for graders
2022-05-13 01:12:45
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0229)
2022-01-28 00:00:00
Fedora Update for moodle FEDORA-2015-14996
2015-09-16 00:00:00
Fedora Update for moodle FEDORA-2015-14988
2015-09-16 00:00:00
nessus
nessus
Moodle 2.6.x < 2.6.11 / 2.7.x < 2.7.8 Multiple Vulnerabilities
2016-07-21 00:00:00
Moodle 2.8.x < 2.8.6 Multiple Vulnerabilities
2016-07-21 00:00:00
Fedora 23 : moodle-2.9.1-1.fc23 (2015-14987)
2015-09-21 00:00:00
mageia
mageia
Updated moodle packages fix security vulnerabilities
2015-05-18 22:08:05
fedora
fedora
[SECURITY] Fedora 23 Update: moodle-2.9.1-1.fc23
2015-09-18 19:33:20
[SECURITY] Fedora 21 Update: moodle-2.7.9-1.fc21
2015-09-15 21:22:02
[SECURITY] Fedora 22 Update: moodle-2.8.7-1.fc22
2015-09-15 19:54:05