Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
moodle moodle 2.7.6 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-5337
Moodle up to and including 2.6.11, 2.7.x prior to 2.7.11, 2.8.x prior to 2.8.9, and 2.9.x prior to 2.9.3 does not properly restrict the availability of Flowplayer, which allows remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted .swf file.