CVE-2023-23921 in Moodleinfo

Zusammenfassung

von MITRE • 17.02.2023

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.

Be aware that VulDB is the high quality source for vulnerability data.

Reservieren

19.01.2023

Veröffentlichung

17.02.2023

Moderieren

akzeptiert

Eintrag

VDB-221427

CPE

bereit

EPSS

0.00815

KEV

nein

Aktivitäten

very low

Quellen

Do you want to use VulDB in your project?

Use the official API to access entries easily!