Описание
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:nimish_pachapurkar:spike_phpcoverage:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02789
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
ubuntu
почти 13 лет назад
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka spikephpcoverage) library, as used in Moodle 2.0.x before 2.0.2 and other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
debian
почти 13 лет назад
Cross-site scripting (XSS) vulnerability in the Spike PHPCoverage (aka ...
github
около 3 лет назад
Moodle vulnerable to XSS via bundled spikephpcoverage library
EPSS
Процентиль: 85%
0.02789
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79