Количество 4
Количество 4
CVE-2014-9059
lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP headers, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 characters during interaction with AJAX scripts.
CVE-2014-9059
lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP headers, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 characters during interaction with AJAX scripts.
CVE-2014-9059
lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x befo ...
GHSA-crcq-pw8h-9xwf
Moodle does not provide charset information in HTTP headers
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2014-9059 lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP headers, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 characters during interaction with AJAX scripts. | CVSS2: 4.3 | 0% Низкий | больше 10 лет назад |
 | CVE-2014-9059 lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 does not provide charset information in HTTP headers, which might allow remote attackers to conduct cross-site scripting (XSS) attacks via UTF-7 characters during interaction with AJAX scripts. | CVSS2: 4.3 | 0% Низкий | больше 10 лет назад |
| CVE-2014-9059 lib/setup.php in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x befo ... | CVSS2: 4.3 | 0% Низкий | больше 10 лет назад |
| GHSA-crcq-pw8h-9xwf Moodle does not provide charset information in HTTP headers | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу