Описание
Moodle vulnerable to Cross-site Scripting
Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-35131
- https://bugzilla.redhat.com/show_bug.cgi?id=2214369
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT
- https://moodle.org/mod/forum/discuss.php?d=447829
- http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76683
Пакеты
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
= 4.2.0
4.2.1
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
>= 4.1.0, < 4.1.4
4.1.4
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
>= 4.0.0, < 4.0.9
4.0.9
Наименование
moodle/moodle
composer
Затронутые версииВерсия исправления
< 3.11.15
3.11.15
Связанные уязвимости
CVSS3: 6.1
ubuntu
почти 2 года назад
Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.
CVSS3: 6.1
nvd
почти 2 года назад
Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.
CVSS3: 6.1
debian
почти 2 года назад
Content on the groups page required additional sanitizing to prevent a ...
