Lucene search

K

RedhatCVELIST:CVE-2014-3544

HistoryJul 29, 2014 - 10:00 a.m.

CVE-2014-3544

2014-07-2910:00:00

redhat

www.cve.org

5

AI Score

5.1

Confidence

High

EPSS

0.004

Percentile

74.6%

Cross-site scripting (XSS) vulnerability in user/profile.php in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allows remote authenticated users to inject arbitrary web script or HTML via the Skype ID profile field.

References

git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45683

openwall.com/lists/oss-security/2014/07/21/1

osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss/

osvdb.org/show/osvdb/109337

packetstormsecurity.com/files/127624/Moodle-2.7-Cross-Site-Scripting.html

www.exploit-db.com/exploits/34169

www.securityfocus.com/bid/68756

github.com/moodle/moodle/commit/ce5a785b0962c3c94c7a7b0d36176482d21db95d

moodle.org/mod/forum/discuss.php?d=264265

AI Score

5.1

Confidence

High

EPSS

0.004

Percentile

74.6%

Related for CVELIST:CVE-2014-3544

packetstorm1 ubuntucve1 exploitdb1 cve1 prion1 veracode1 github1 nvd1 osv1 nessus3 openvas6 mageia1 fedora5