Lucene search
GoogleOSV:GHSA-6656-6QWX-4C2MHistoryMay 13, 2022 - 1:13 a.m.
Moodle XSS In Tag Autocomplete functionality
2022-05-1301:13:09
Google
osv.dev
7
moodle
xss
vulnerability
tag autocomplete
remote attackers
web script
html
Cross-site scripting (XSS) vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
git.moodle.org/gw?p=moodle.git;a=commit;h=fd29b2ad1c20906da00d7e523f39bc8a0358a65b
moodle.org/mod/forum/discuss.php?d=170003
openwall.com/lists/oss-security/2011/11/14/1
github.com/moodle/moodle
github.com/moodle/moodle/commit/34b93e39a64a68e4a676b93ccf2bd87a1d3b5ef8
github.com/moodle/moodle/commit/fd29b2ad1c20906da00d7e523f39bc8a0358a65b
nvd.nist.gov/vuln/detail/CVE-2011-4278
Related
github
github
Moodle XSS In Tag Autocomplete functionality
2022-05-13 01:13:09
ubuntucve
ubuntucve
CVE-2011-4278
2012-07-16 00:00:00
cve
cve
CVE-2011-4278
2012-07-16 10:28:36
nvd
nvd
CVE-2011-4278
2012-07-16 10:28:36
cvelist
cvelist
CVE-2011-4278
2012-07-16 10:00:00
prion
prion
Cross site scripting
2012-07-16 10:28:00
nessus
nessus
Moodle 1.9.x < 1.9.11 Multiple Vulnerabilities
2015-04-20 00:00:00
Moodle 2.0.x < 2.0.2 Multiple Vulnerabilities
2015-04-20 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2262-1)
2011-08-03 00:00:00
Debian Security Advisory DSA 2262-1 (moodle)
2011-08-03 00:00:00
Debian: Security Advisory (DSA-2262-1)
2011-08-03 00:00:00