Lucene search
Ubuntu.comUB:CVE-2014-9059HistoryNov 24, 2014 - 12:00 a.m.
CVE-2014-9059
2014-11-2400:00:00
ubuntu.com
ubuntu.com
15
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
71.9%
lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before
2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP
headers, which might allow remote attackers to conduct cross-site scripting
(XSS) attacks via UTF-7 characters during interaction with AJAX scripts.
Related
nvd
nvd
CVE-2014-9059
2014-11-24 11:59:14
cvelist
cvelist
CVE-2014-9059
2014-11-24 11:00:00
prion
prion
Cross site scripting
2014-11-24 11:59:00
cve
cve
CVE-2014-9059
2014-11-24 11:59:14
osv
osv
Moodle does not provide charset information in HTTP headers
2022-05-13 01:12:43
github
github
Moodle does not provide charset information in HTTP headers
2022-05-13 01:12:43
nessus
nessus
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
71.9%
Related for UB:CVE-2014-9059