Versio.io

CVE-2013-4341

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 16-09-2013 03:02
Last modified: - 01-05-2022 03:23
Total changes: - 3

Description

Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:N/I:P/A:N
Low
Attack complexity
Network
Attack vector
None
Availability
None
Confidentiality
Low
Integrity
-
Privileges required
-
Scope
-
User interaction
4.3
Base score
8.6
2.9
Exploitability score
Impact score
 

Verification logic

OR
vendor=moodle AND product=moodle AND versionEndIncluding=2.2.11
vendor=moodle AND product=moodle AND version=2.3.0
vendor=moodle AND product=moodle AND version=2.3.1
vendor=moodle AND product=moodle AND version=2.3.2
vendor=moodle AND product=moodle AND version=2.3.3
vendor=moodle AND product=moodle AND version=2.3.4
vendor=moodle AND product=moodle AND version=2.3.5
vendor=moodle AND product=moodle AND version=2.3.6
vendor=moodle AND product=moodle AND version=2.3.7
vendor=moodle AND product=moodle AND version=2.3.8
vendor=moodle AND product=moodle AND version=2.4.0
vendor=moodle AND product=moodle AND version=2.4.1
vendor=moodle AND product=moodle AND version=2.4.2
vendor=moodle AND product=moodle AND version=2.4.3
vendor=moodle AND product=moodle AND version=2.4.4
vendor=moodle AND product=moodle AND version=2.4.5
vendor=moodle AND product=moodle AND version=2.5.0
vendor=moodle AND product=moodle AND version=2.5.1
 

Reference

 


Keywords

NVD

 

CVE-2013-4341

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.