Description

Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via vectors that trigger an AJAX exception dialog.

Remediation

References

CVE-2014-3548

Related Vulnerabilities

Liferay Portal Other Vulnerability (CVE-2023-33947)

Oracle Database Server CVE-2013-3790 Vulnerability (CVE-2013-3790)

Dojo Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2021-23450)

WordPress Plugin WP Support Plus Responsive Ticket System Unspecified Vulnerability (8.0.7)

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.0.226)

Severity

Medium

Classification

CVE-2014-3548 CWE-707

Tags

Missing Update Known Vulnerabilities