VULHUB ™

Moodle is reported susceptible to multiple unspecified input validation vulnerabilities. These vulnerabilities are due to a failure of the application to properly sanitize user-supplied input data. These unspecified issues may be cross-site scripting, HTML injection, or SQL injection vulnerabilities. Cross-site scripting and HTML injection issues could permit a remote attacker to cause hostile HTML or script code to be rendered in the web browser of victim users. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks. SQL injection issues may be exploited to manipulate SQL queries, potentially revealing or corrupting sensitive database data. SQL injection issues may also facilitate attacks against the underlying database software. Versions prior to 1.4.2 are reported susceptible to these vulnerabilities.

Moodle is reported susceptible to multiple unspecified input validation vulnerabilities. These vulnerabilities are due to a failure of the application to properly sanitize user-supplied input data. These unspecified issues may be cross-site scripting, HTML injection, or SQL injection vulnerabilities. Cross-site scripting and HTML injection issues could permit a remote attacker to cause hostile HTML or script code to be rendered in the web browser of victim users. This would occur in the security context of the affected web site and may allow for theft of cookie-based authentication credentials or other attacks. SQL injection issues may be exploited to manipulate SQL queries, potentially revealing or corrupting sensitive database data. SQL injection issues may also facilitate attacks against the underlying database software. Versions prior to 1.4.2 are reported susceptible to these vulnerabilities.