Lucene search
RedhatCVE-2013-4341HistorySep 16, 2013 - 1:02 p.m.
CVE-2013-4341
2013-09-1613:02:48
CWE-79
redhat
web.nvd.nist.gov
56
cve
2013
4341
xss
vulnerabilities
moodle
rss feed
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
7.8
Confidence
High
EPSS
0.002
Percentile
53.6%
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.
Affected configurations
Node
moodlemoodleRange≤2.2.11
ORmoodlemoodleMatch2.3.0
ORmoodlemoodleMatch2.3.1
ORmoodlemoodleMatch2.3.2
ORmoodlemoodleMatch2.3.3
ORmoodlemoodleMatch2.3.4
ORmoodlemoodleMatch2.3.5
ORmoodlemoodleMatch2.3.6
ORmoodlemoodleMatch2.3.7
ORmoodlemoodleMatch2.3.8
ORmoodlemoodleMatch2.4.0
ORmoodlemoodleMatch2.4.1
ORmoodlemoodleMatch2.4.2
ORmoodlemoodleMatch2.4.3
ORmoodlemoodleMatch2.4.4
ORmoodlemoodleMatch2.4.5
ORmoodlemoodleMatch2.5.0
ORmoodlemoodleMatch2.5.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| moodle | moodle | * | cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* |
| moodle | moodle | 2.3.0 | cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:* |
| moodle | moodle | 2.3.1 | cpe:2.3:a:moodle:moodle:2.3.1:*:*:*:*:*:*:* |
| moodle | moodle | 2.3.2 | cpe:2.3:a:moodle:moodle:2.3.2:*:*:*:*:*:*:* |
| moodle | moodle | 2.3.3 | cpe:2.3:a:moodle:moodle:2.3.3:*:*:*:*:*:*:* |
| moodle | moodle | 2.3.4 | cpe:2.3:a:moodle:moodle:2.3.4:*:*:*:*:*:*:* |
| moodle | moodle | 2.3.5 | cpe:2.3:a:moodle:moodle:2.3.5:*:*:*:*:*:*:* |
| moodle | moodle | 2.3.6 | cpe:2.3:a:moodle:moodle:2.3.6:*:*:*:*:*:*:* |
| moodle | moodle | 2.3.7 | cpe:2.3:a:moodle:moodle:2.3.7:*:*:*:*:*:*:* |
| moodle | moodle | 2.3.8 | cpe:2.3:a:moodle:moodle:2.3.8:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Moodle 2.3.8/2.4.5 - Multiple Vulnerabilities
2013-09-09 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2017-07-03 19:21:39
nvd
nvd
CVE-2013-4341
2013-09-16 13:02:48
cvelist
cvelist
CVE-2013-4341
2013-09-16 10:00:00
ubuntucve
ubuntucve
CVE-2013-4341
2013-09-16 00:00:00
prion
prion
Cross site scripting
2013-09-16 13:02:00
mageia
mageia
Updated moodle package fixes multiple security vulnerabilities
2013-09-19 13:33:27
openvas
openvas
Mageia: Security Advisory (MGASA-2013-0280)
2022-01-28 00:00:00
zdt
zdt
Moodle Authenticated Spelling Binary Remote Code Execution Exploit
2021-10-13 00:00:00
packetstorm
packetstorm
Moodle Authenticated Spelling Binary Remote Code Execution
2021-10-12 00:00:00
metasploit
metasploit
Moodle Authenticated Spelling Binary RCE
2021-08-29 14:50:25
nessus
nessus
rapid7blog
rapid7blog
Metasploit Wrap-Up
2021-10-15 18:49:08
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
7.8
Confidence
High
EPSS
0.002
Percentile
53.6%
Related for CVE-2013-4341