CVE-2012-2364 in Moodleالمعلومات

الملخص

بحسب MITRE

Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a "download all" action.

Be aware that VulDB is the high quality source for vulnerability data.

حجز

19/04/2012

إفشاء

20/07/2012

الاعتدال

تمت الموافقة

إدخال

VDB-61370

EPSS

0.00795

KEV

لا

النشاطات

منخفض جدًا

القطاع

Police, Education

المصادر

Want to know what is going to be exploited?

We predict KEV entries!