Lucene search

K

Veracode Vulnerability DatabaseVERACODE:4827

HistoryJul 30, 2017 - 10:12 p.m.

Cross-site Scripting (XSS)

2017-07-3022:12:58

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

13

EPSS

0.004

Percentile

74.6%

Moodle is vulnerable to cross-site scripting (XSS) attacks. These attacks are possible because the Skype ID profile field is not sanitized.

References

git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45683

openwall.com/lists/oss-security/2014/07/21/1

osandamalith.wordpress.com/2014/07/25/moodle-2-7-persistent-xss/

osvdb.org/show/osvdb/109337

packetstormsecurity.com/files/127624/Moodle-2.7-Cross-Site-Scripting.html

www.exploit-db.com/exploits/34169

www.securityfocus.com/bid/68756

github.com/moodle/moodle/commit/ce5a785b0962c3c94c7a7b0d36176482d21db95d

moodle.org/mod/forum/discuss.php?d=264265

www.exploit-db.com/exploits/34169/

EPSS

0.004

Percentile

74.6%

Related for VERACODE:4827

packetstorm1 ubuntucve1 exploitdb1 cve1 prion1 github1 nvd1 osv1 cvelist1 nessus3 openvas6 mageia1 fedora5