Lucene search
GoogleOSV:GHSA-MX5G-3VXH-RGM8HistoryMay 13, 2022 - 1:13 a.m.
Moodle vulnerable to XSS via bundled spikephpcoverage library
2022-05-1301:13:17
Google
osv.dev
8
moodle
xss
vulnerability
spikephpcoverage
library
remote attackers
web script
html
unspecified vectors
software
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References
git.moodle.org/gw?p=moodle.git;a=commit;h=bd654f0ced8af925c27b7c94321f0c299b50b38e
moodle.org/mod/forum/discuss.php?d=170005
openwall.com/lists/oss-security/2011/11/14/1
github.com/moodle/moodle
github.com/moodle/moodle/commit/bd654f0ced8af925c27b7c94321f0c299b50b38e
nvd.nist.gov/vuln/detail/CVE-2011-4280
Related
cve
cve
CVE-2011-4280
2012-07-16 10:28:36
prion
prion
Cross site scripting
2012-07-16 10:28:00
nvd
nvd
CVE-2011-4280
2012-07-16 10:28:36
exploitdb
exploitdb
Moodle 2.0.1 - 'PHPCOVERAGE_HOME' Cross-Site Scripting
2011-02-01 00:00:00
ubuntucve
ubuntucve
CVE-2011-4280
2012-07-16 00:00:00
cvelist
cvelist
CVE-2011-4280
2012-07-16 10:00:00
github
github
Moodle vulnerable to XSS via bundled spikephpcoverage library
2022-05-13 01:13:17
nessus
nessus
Moodle 2.0.x < 2.0.2 Multiple Vulnerabilities
2015-04-20 00:00:00