Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-67849

Опубликовано: 03 фев. 2026
Источник: nvd
CVSS3: 7.3
CVSS3: 6.1
EPSS Низкий

Описание

A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. When other users view these compromised pages, their sessions could be stolen, or the user interface could be manipulated.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
Версия от 4.5.0 (включая) до 4.5.8 (исключая)
cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*
Версия от 5.0.0 (включая) до 5.0.4 (исключая)
cpe:2.3:a:moodle:moodle:5.1.0:-:*:*:*:*:*:*

EPSS

Процентиль: 1%
0.00011
Низкий

7.3 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2025-67849

CVSS3: 7.3
ubuntu
2 месяца назад

A flaw was found in Moodle. This cross-site scripting (XSS) vulnerability, caused by improper sanitization of AI prompt responses, allows attackers to inject malicious HTML or script into web pages. When other users view these compromised pages, their sessions could be stolen, or the user interface could be manipulated.

debian логотип

CVE-2025-67849

CVSS3: 7.3
debian
2 месяца назад

A flaw was found in Moodle. This cross-site scripting (XSS) vulnerabil ...

redos логотип

ROS-20260224-73-0021

CVSS3: 6.1
redos
около 1 месяца назад

Уязвимость moodle

github логотип

GHSA-mhf6-pp52-8wqj

CVSS3: 7.3
github
2 месяца назад

Moodle Cross-site Scripting (XSS) vulnerability

EPSS

Процентиль: 1%
0.00011
Низкий

7.3 High

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79