CVE-2017-5945 in PoodLL Filter Plugin信息

摘要

由 MITRE

An issue was discovered in the PoodLL Filter plugin through 3.0.20 for Moodle. The vulnerability exists due to insufficient filtration of user-supplied data in the "poodll_audio_url" HTTP GET parameter passed to the "filter_poodll_moodle32_2016112802/poodll/mp3recorderskins/brazil/index.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Interested in the pricing of exploits?

See the underground prices here!