Lucene search
Veracode Vulnerability DatabaseVERACODE:4766HistoryJul 27, 2017 - 11:14 p.m.
Cross-site Scripting (XSS)
2017-07-2723:14:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
EPSS
0.003
Percentile
68.6%
Moodle is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary web script by passing an AJAX script to the application encoded in UTF7.
References
www.mandriva.com/security/advisories?name=MDVSA-2015:200
www.openwall.com/lists/oss-security/2015/04/01/1
www.openwall.com/lists/oss-security/2015/04/07/3
www.securityfocus.com/bid/73477
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-47966
lists.wikimedia.org/pipermail/mediawiki-announce/2015-March/000175.html
moodle.org/mod/forum/discuss.php?d=275146
phabricator.wikimedia.org/T85113
security.gentoo.org/glsa/201510-05
Related
nvd
nvd
CVE-2015-2939
2015-04-13 14:59:12
debiancve
debiancve
CVE-2015-2939
2015-04-13 14:59:12
ubuntucve
ubuntucve
CVE-2015-2939
2015-04-13 00:00:00
prion
prion
Cross site scripting
2015-04-13 14:59:00
cvelist
cvelist
CVE-2015-2939
2015-04-13 14:00:00
cve
cve
CVE-2015-2939
2015-04-13 14:59:12
mageia
mageia
Updated mediawiki packages fix security vulnerabilities
2015-04-10 01:44:14
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0142)
2022-01-28 00:00:00
Gentoo Security Advisory GLSA 201510-05
2015-11-08 00:00:00
securityvulns
securityvulns
[ MDVSA-2015:200 ] mediawiki
2015-05-12 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : mediawiki (MDVSA-2015:200)
2015-04-10 00:00:00
MediaWiki < 1.19.24 / 1.23.9 / 1.24.2 Multiple Vulnerabilities
2015-06-12 00:00:00
GLSA-201510-05 : MediaWiki: Multiple vulnerabilities
2015-11-02 00:00:00
kaspersky
kaspersky
KLA10545 Multiple vulnerabilities in MediaWiki and extensions
2015-04-13 00:00:00
archlinux
archlinux
mediawiki: multiple issues
2015-04-10 00:00:00
gentoo
gentoo
MediaWiki: Multiple vulnerabilities
2015-10-31 00:00:00