CVE-2024-34312

2024-06-2400:00:00

mitre

github.com

virtual programming lab

xss vulnerability

vplide.js

AI Score

6.3

Confidence

High

EPSS

0.001

Percentile

17.6%

SSVC

Exploitation

poc

Automatable

Technical Impact

partial

JSON

Virtual Programming Lab for Moodle up to v4.2.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component vplide.js.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:vpl:jail_system:*:*:*:*:*:*:*:*"
    ],
    "vendor": "vpl",
    "product": "jail_system",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "versionType": "custom",
        "lessThanOrEqual": "4.2.3"
      }
    ],
    "defaultStatus": "unknown"
  }
]