GHSA-4m6v-x9fj-847j

Опубликовано: 14 мая 2022

Источник: github

Github: Прошло ревью

CVSS3: 5.4

Описание

Moodle Cross-site Scripting in the Course summary filter of the Add a new course

In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.

Ссылки

Пакеты

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 3.2, <= 3.2.2

Отсутствует

EPSS

Процентиль: 47%

0.00243

Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2017-7298

Дефекты

CWE-79

Связанные уязвимости

CVE-2017-7298

CVSS3: 5.4

ubuntu

больше 8 лет назад

In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.

CVE-2017-7298

CVSS3: 5.4

nvd

больше 8 лет назад

In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.

CVE-2017-7298

CVSS3: 5.4

debian

больше 8 лет назад

In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Ad ...

EPSS

Процентиль: 47%

0.00243

Низкий

5.4 Medium

CVSS3

CVE ID

CVE-2017-7298

Дефекты

CWE-79