Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-67855

Опубликовано: 03 фев. 2026
Источник: debian
EPSS Низкий

Описание

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user's browser.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
moodleremovedpackage

EPSS

Процентиль: 3%
0.00016
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-67855

CVSS3: 5.4
ubuntu
5 дней назад

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user's browser.

nvd логотип

CVE-2025-67855

CVSS3: 5.4
nvd
5 дней назад

A flaw was found in mooodle. A remote attacker could exploit a reflected Cross-Site Scripting (XSS) vulnerability in the policy tool return URL. This vulnerability arises from insufficient sanitization of URL parameters, allowing attackers to inject malicious scripts through specially crafted links. Successful exploitation could lead to information disclosure or arbitrary client-side script execution within the user's browser.

github логотип

GHSA-vwhw-vp9v-q9c9

CVSS3: 5.4
github
5 дней назад

Moodle vulnerable to Cross-site Scripting

EPSS

Процентиль: 3%
0.00016
Низкий