Lucene search
MitreCVELIST:CVE-2021-36568HistorySep 13, 2022 - 9:06 p.m.
CVE-2021-36568
2022-09-1321:06:51
mitre
www.cve.org
5
moodle
course creation
arbitrary
text field
xss
cross site scripting
stored
cve-2021-36568
EPSS
0.001
Percentile
38.0%
In certain Moodle products after creating a course, it is possible to add in a arbitrary “Topic” a resource, in this case a “Database” with the type “Text” where its values “Field name” and “Field description” are vulnerable to Cross Site Scripting Stored(XSS). This affects Moodle 3.11 and Moodle 3.10.4 and Moodle 3.9.7.
References
blog.hackingforce.com.br/en/cve-2021-36568/
drive.google.com/drive/folders/1_fO4BKpmD3avGYHSzvIXWs5owqVYgB1s?usp=sharing
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ERQ3NHVOK4ZXT4MS4LBQ2ZJHTON3LIMW/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PRI4ETMQ4DJR3TZUOOGPBQ32RBD5LNGC/
Related
prion
prion
Cross site scripting
2022-09-13 22:15:00
fedora
fedora
[SECURITY] Fedora 36 Update: moodle-3.11.10-1.fc36
2022-09-21 01:13:19
[SECURITY] Fedora 35 Update: moodle-3.11.10-1.fc35
2022-09-21 01:22:40
osv
osv
BIT-moodle-2021-36568
2024-03-06 11:08:05
CVE-2021-36568
2022-09-13 22:15:08
Moodle Cross-site Scripting vulnerability
2022-09-14 00:00:41
ubuntucve
ubuntucve
CVE-2021-36568
2022-09-13 00:00:00
openvas
openvas
Fedora: Security Advisory for moodle (FEDORA-2022-50c091d963)
2022-09-23 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2022-1c77803b43)
2022-09-23 00:00:00
nvd
nvd
CVE-2021-36568
2022-09-13 22:15:08
github
github
Moodle Cross-site Scripting vulnerability
2022-09-14 00:00:41
cve
cve
CVE-2021-36568
2022-09-13 22:15:08
redos
redos
ROS-20221013-02
2022-10-13 00:00:00