WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14881)

Description

A vulnerability was found in moodle 3.7 before 3.7.3, where there is blind XSS reflected in some locations where user email is displayed.

Remediation

References

Related Vulnerabilities

WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.15)

phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-2562)

Moodle Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2018-14630)

MySQL CVE-2021-35610 Vulnerability (CVE-2021-35610)

Drupal Core 6.x Multiple Cross-Site Scripting Vulnerabilities (6.0 - 6.20)

Severity

Medium

Classification

CVE-2019-14881 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities