Published: 16/09/2013 Updated: 01/05/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Moodle up to and including 2.2.11, 2.3.x prior to 2.3.9, 2.4.x prior to 2.4.6, and 2.5.x prior to 2.5.2 allow remote malicious users to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.

Vulnerable Product	Search on Vulmon	Subscribe to Product
moodle moodle 2.3.8
moodle moodle 2.5.1
moodle moodle 2.3.4
moodle moodle 2.3.1
moodle moodle 2.4.3
moodle moodle 2.4.1
moodle moodle
moodle moodle 2.4.2
moodle moodle 2.3.6
moodle moodle 2.3.5
moodle moodle 2.3.0
moodle moodle 2.3.2
moodle moodle 2.3.3
moodle moodle 2.3.7
moodle moodle 2.4.0
moodle moodle 2.4.4
moodle moodle 2.4.5
moodle moodle 2.5.0

####################################################################### Ciaran McNally Application: Moodle downloadmoodleorg/ Versions: <= 238, 245 Platforms: Windows, Mac, Linux Bug: Persistant XSS / CSRF Exploitation: WEB Date: 9 September ...

CWE-79 https://moodle.org/mod/forum/discuss.php?d=238399 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-41623 http://packetstormsecurity.com/files/164479/Moodle-Authenticated-Spelling-Binary-Remote-Code-Execution.html https://nvd.nist.gov https://www.exploit-db.com/exploits/28174/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-4341

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect