Описание
Moodle XSS Vulnerability
Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted .swf file.
Пакеты
moodle/moodle
<= 2.6.11
Отсутствует
moodle/moodle
>= 2.7.0, < 2.7.11
2.7.11
moodle/moodle
>= 2.8.0, < 2.8.9
2.8.9
moodle/moodle
>= 2.9.0, < 2.9.3
2.9.3
Связанные уязвимости
Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted .swf file.
Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted .swf file.
Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2. ...
Уязвимость системы управления обучением Мoodle, позволяющая нарушителю провести XSS-атаки