Skip to main content
CVE-2015-2269 LOW POC PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in lib/javascript-static.js in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allow remote authenticated. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS Moodle
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
0.5%
CVE-2015-3179 LOW PATCH Monitor

login/confirm.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows remote authenticated users to bypass intended login restrictions by leveraging access. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

PHP Privilege Escalation Moodle
NVD
CVSS 2.0
3.5
EPSS
0.3%
CVE-2015-3177 LOW Monitor

Moodle 2.8.x before 2.8.6 does not consider the tool/monitor:subscribe capability before entering subscriptions to site-wide event-monitor rules, which allows remote authenticated users to obtain. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Moodle
NVD
CVSS 2.0
3.5
EPSS
0.3%
CVE-2015-0216 LOW PATCH Monitor

access.php in the Lesson module in Moodle 2.8.x before 2.8.2 does not set the RISK_XSS bit for graders, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS PHP Moodle
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-3174 LOW PATCH Monitor

mod/quiz/db/access.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 does not set the RISK_XSS bit for graders, which allows remote authenticated users to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Moodle
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-2273 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in mod/quiz/report/statistics/statistics_question_table.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS PHP Moodle
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0212 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS PHP Moodle
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-3178 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the external_format_text function in lib/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.11, 2.7.x before 2.7.8, and 2.8.x before 2.8.6 allows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS PHP Moodle
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy