CVE-2017-5945 in PoodLL Filter Plugininformazioni

Riassunto

di MITRE

An issue was discovered in the PoodLL Filter plugin through 3.0.20 for Moodle. The vulnerability exists due to insufficient filtration of user-supplied data in the "poodll_audio_url" HTTP GET parameter passed to the "filter_poodll_moodle32_2016112802/poodll/mp3recorderskins/brazil/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Prenotare

09/02/2017

Divulgazione

10/02/2017

Moderazione

accettato

CPE

pronto

EPSS

0.00874

KEV

no

Attività

molto basso

Fonti

Want to know what is going to be exploited?

We predict KEV entries!