CVE-2012-3396

Опубликовано: 23 июл. 2012

Источник: nvd

CVSS2: 3.5

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Moodle 2.0.x before 2.0.10, 2.1.x before 2.1.7, 2.2.x before 2.2.4, and 2.3.x before 2.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the idnumber field. NOTE: this vulnerability exists because of an incorrect fix for CVE-2012-2365.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:2.0.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.7:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.8:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.0.9:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.4:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.5:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.1.6:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.0:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.1:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.2:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.2.3:*:*:*:*:*:*:*

cpe:2.3:a:moodle:moodle:2.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 43%

0.00208

Низкий

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2012-3396

ubuntu

почти 13 лет назад

CVE-2012-3396

debian

почти 13 лет назад

Cross-site scripting (XSS) vulnerability in cohort/edit_form.php in Mo ...

GHSA-gr8w-hm62-xw58

github

около 3 лет назад

EPSS

Процентиль: 43%

0.00208

Низкий

3.5 Low

CVSS2

Дефекты

CWE-79