| Max CVSS | 6.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-2231 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz atte
|
01-12-2020 - 14:52 | 28-06-2010 - 17:30 | |
| CVE-2010-2229 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
|
01-12-2020 - 14:52 | 28-06-2010 - 17:30 | |
| CVE-2010-2228 | 4.3 |
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username.
|
01-12-2020 - 14:52 | 28-06-2010 - 17:30 | |
| CVE-2010-2230 | 4.0 |
The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via HTML input.
|
01-12-2020 - 14:52 | 28-06-2010 - 17:30 |