Description

Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via vectors that trigger an AJAX exception dialog.

Remediation

References

CVE-2014-3548

Related Vulnerabilities

WebLogic CVE-2023-21960 Vulnerability (CVE-2023-21960)

WordPress Plugin Downloads Manager 'upload.php' Arbitrary File Upload (0.2)

phpMyAdmin Other Vulnerability (CVE-2007-4306)

WordPress Plugin Better Search Replace Cross-Site Request Forgery (1.3.2)

WordPress Plugin Lingotek Translation Multiple Cross-Site Scripting Vulnerabilities (1.1.8)

Severity

Medium

Classification

CVE-2014-3548 CWE-707

Tags

Missing Update Known Vulnerabilities