Описание
Cross-site Scripting in moodle
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.
Пакеты
moodle/moodle
>= 3.11.0, < 3.11.4
3.11.4
moodle/moodle
>= 3.10.0, < 3.10.8
3.10.8
moodle/moodle
>= 3.9.0, < 3.9.11
3.9.11
Связанные уязвимости
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...
Уязвимость системы управления Moodle, связанная с непринятием мер по защите структуры веб-страниц, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)