Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2015-226909

Vulnerability Summary

Moodle suffers from persistent cross site scripting vulnerabilities. Input passed to the POST parameters 'config_title' and 'title' thru index.php, are not properly sanitized allowing the malicious user to execute HTML or JS code into user's browser session on the affected site. Affected components: Blocks, Glossary, RSS and Tags.

Exploits

Exploit DB: Moodle 2.5.9 / 2.6.8 / 2.7.5 / 2.8.3 Cross Site Scripting
Moodle suffers from persistent cross site scripting vulnerabilities Input passed to the POST parameters 'config_title' and 'title' thru indexphp, are not properly sanitized allowing the attacker to execute HTML or JS code into user's browser session on the affected site Affected components: Blocks, Glossary, RSS and Tags ...

References

https://packetstormsecurity.com/files/130865/Moodle-2.5.9-2.6.8-2.7.5-2.8.3-Cross-Site-Scripting.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook