Lucene search
RedhatCVELIST:CVE-2020-25702HistoryNov 19, 2020 - 4:17 p.m.
CVE-2020-25702
2020-11-1916:17:03
CWE-79
redhat
www.cve.org
6
moodle
content bank
javascript
injection
vulnerability
cve-2020-25702
In Moodle, it was possible to include JavaScript when re-naming content bank items. Versions affected: 3.9 to 3.9.2. This is fixed in moodle 3.9.3 and 3.10.
CNA Affected
[
{
"product": "moodle",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in 3.9.3, Fixed in 3.10"
}
]
}
]References
bugzilla.redhat.com/show_bug.cgi?id=1895437
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4NNFCHPPHRJNJROIX6SYMHOC6HMKP3GU/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B55KXBVAT45MDASJ3EK6VIGQOYGJ4NH6/
moodle.org/mod/forum/discuss.php?d=413940
Related
openvas
openvas
Moodle 3.9.x < 3.9.3 XSS Vulnerability
2020-11-27 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-db73e37548)
2020-11-28 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2020-304aa2c365)
2020-11-28 00:00:00
nvd
nvd
CVE-2020-25702
2020-11-19 17:15:12
veracode
veracode
Cross-Site Scripting (XSS)
2020-11-20 05:47:25
osv
osv
Cross-site Scripting (XSS) in moodle
2021-03-29 20:43:08
BIT-moodle-2020-25702
2024-03-06 11:11:28
CVE-2020-25702
2020-11-19 17:15:12
cve
cve
CVE-2020-25702
2020-11-19 17:15:12
prion
prion
Code injection
2020-11-19 17:15:00
github
github
Cross-site Scripting (XSS) in moodle
2021-03-29 20:43:08
ubuntucve
ubuntucve
CVE-2020-25702
2020-11-19 00:00:00
nessus
nessus
Fedora 32 : moodle (2020-db73e37548)
2020-11-30 00:00:00
Fedora 33 : moodle (2020-304aa2c365)
2020-11-30 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: moodle-3.8.6-1.fc32
2020-11-28 02:10:53
[SECURITY] Fedora 33 Update: moodle-3.9.3-1.fc33
2020-11-28 02:04:40