Описание
In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| moodle | removed | package |
Примечания
http://www.daimacn.com/post/12.html
https://tracker.moodle.org/browse/MDL-52038
Not considered a security issue/bug upstream, disputed that it got a CVE
assigned. Mark as unimportant as non-issue.
Связанные уязвимости
CVSS3: 5.4
ubuntu
больше 8 лет назад
In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.
CVSS3: 5.4
nvd
больше 8 лет назад
In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.
CVSS3: 5.4
github
около 3 лет назад
Moodle Cross-site Scripting in the Course summary filter of the Add a new course