# xss

GHSA-28gc-4qq5-8q26: Moodle Cross-site Scripting vulnerability

#xss #vulnerability #git

The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.

2 years ago

ghsa

GHSA-9724-h8p7-r3jv: Moodle Cross-site Scripting vulnerability

#xss #vulnerability #git

ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.

2 years ago

ghsa

CVE-2023-5541: Official Moodle git projects - moodle.git/search

#xss #vulnerability #git

The CSV grade import method contained an XSS risk for users importing the spreadsheet, if it contained unsafe content.

2 years ago

CVE-2023-5547: Official Moodle git projects - moodle.git/search

The course upload preview contained an XSS risk for users uploading unsafe data.

2 years ago

CVE-2023-5544: Official Moodle git projects - moodle.git/search

Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.

2 years ago

CVE-2023-5546: Official Moodle git projects - moodle.git/search

ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.

2 years ago

CVE-2023-45885: XSS in NASAs Open MCT v3.1.0

Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to run arbitrary code via the new component feature in the flexibleLayout plugin.

2 years ago

CVE-2023-36688: WordPress Simple Site Verify plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability - Patchstack

#xss #csrf #vulnerability #web #js #java

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Michael Mann Simple Site Verify plugin <= 1.0.7 versions.

2 years ago