Описание
Moodle vulnerable to Cross-site Scripting
Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-35131
- https://bugzilla.redhat.com/show_bug.cgi?id=2214369
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT
- https://moodle.org/mod/forum/discuss.php?d=447829
- http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76683
Пакеты
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
= 4.2.0
4.2.1
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
>= 4.1.0, < 4.1.4
4.1.4
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
>= 4.0.0, < 4.0.9
4.0.9
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
< 3.11.15
3.11.15
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 2 лет назад
Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.
CVSS3: 6.1
nvd
около 2 лет назад
Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.
CVSS3: 6.1
debian
около 2 лет назад
Content on the groups page required additional sanitizing to prevent a ...
