A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 03:47
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
13 Jun 2022, 14:46
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGF35EN5K2R6X3NTY3XPZSJ3UDASMXI6/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIMSIRKCFLIC646K4GMUSZU7THOUVPAJ/ - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCTWSE3JDMSYL7DPCMXMMJEXZSS6VIA5/ - Mailing List, Third Party Advisory | |
CPE | cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:* cpe:2.3:a:moodle:moodle:4.0.0:-:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:* |
02 Jun 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 May 2022, 12:40
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 5.4 |
CWE | CWE-79 | |
CPE | cpe:2.3:a:moodle:moodle:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:* cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* |
|
First Time |
Fedoraproject
Moodle moodle Fedoraproject fedora Redhat Moodle Redhat enterprise Linux |
|
References | (MISC) https://moodle.org/mod/forum/discuss.php?d=434578 - Vendor Advisory | |
References | (MISC) http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-74204 - Patch, Vendor Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2083583 - Issue Tracking, Third Party Advisory |
18 May 2022, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-05-18 17:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-30596
Mitre link : CVE-2022-30596
CVE.ORG link : CVE-2022-30596
JSON object : View
Products Affected
redhat
- enterprise_linux
moodle
- moodle
fedoraproject
- fedora
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')