CVE-2012-2364 in Moodlethông tin

Tóm tắt

Bởi MITRE

Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a "download all" action.

Be aware that VulDB is the high quality source for vulnerability data.

Đặt trước

19/04/2012

Tiết lộ

20/07/2012

Kiểm duyệt

được chấp nhận

mục

VDB-61370

EPSS

0.00795

KEV

không

Các hoạt động

rất thấp

Nguồn

Do you need the next level of professionalism?

Upgrade your account now!