CVE-2015-2273 in Moodleinfo

Summary

Cross-site scripting (XSS) vulnerability in mod/quiz/report/statistics/statistics_question_table.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a crafted quiz response.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

03/09/2015

Disclosure

06/01/2015

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

3.5

EPSS

0.00209

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-2273
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-2273
CVE Details	https://www.cvedetails.com/cve/CVE-2015-2273/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!