CVE-2012-2364 in Moodleinformazioni

Riassunto

di MITRE

Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a "download all" action.

Be aware that VulDB is the high quality source for vulnerability data.

Prenotare

19/04/2012

Divulgazione

20/07/2012

Moderazione

accettato

CPE

pronto

EPSS

0.00795

KEV

no

Attività

molto basso

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!