Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 17/02/2023 Updated: 28/02/2023

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 0

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote malicious user to perform cross-site scripting (XSS) attacks.

Vulnerable Product	Search on Vulmon	Subscribe to Product
moodle moodle 4.1.0
moodle moodle

CWE-79 https://bugzilla.redhat.com/show_bug.cgi?id=2162547 https://moodle.org/mod/forum/discuss.php?d=443273#p1782022 http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-76861 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-23922

Vulnerability Summary

References

Vulmon Search

About

Products

Connect