Lucene search
Veracode Vulnerability DatabaseVERACODE:4655HistoryJul 25, 2017 - 4:56 a.m.
Cross-site Scripting (XSS)
2017-07-2504:56:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
39.8%
Moodle is vulnerable to cross-site scripting (XSS) attacks. The library does not properly filter user input to the quiz_question_tostring function in mod/quiz/editlib.php, allowing a malicious user to inject and execute arbitrary HTML script.
| CPE | Name | Operator | Version |
|---|---|---|---|
| moodle/moodle | le | 2.6.1 | |
| moodle/moodle | le | 2.4.8 | |
| moodle/moodle | le | 2.5.4 | |
| moodle/moodle | le | 2.3.11 |
Related
ubuntucve
ubuntucve
CVE-2014-2571
2014-03-24 00:00:00
prion
prion
Cross site scripting
2014-03-24 14:20:00
github
github
Moodle cross-site scripting (XSS) vulnerability
2022-05-13 01:12:52
osv
osv
Moodle cross-site scripting (XSS) vulnerability
2022-05-13 01:12:52
cve
cve
CVE-2014-2571
2014-03-24 14:20:39
cvelist
cvelist
CVE-2014-2571
2014-03-22 01:00:00
nvd
nvd
CVE-2014-2571
2014-03-24 14:20:39
nessus
nessus
Moodle 2.4.x < 2.4.9 Multiple Vulnerabilities
2016-07-21 00:00:00
Moodle 2.5.x < 2.5.5 Multiple Vulnerabilities
2016-07-21 00:00:00
Moodle 2.6.x < 2.6.2 Multiple Vulnerabilities
2016-07-21 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0160)
2022-01-28 00:00:00
mageia
mageia
Updated moodle packages fix multiple security vulnerabilities
2014-04-03 21:23:49