Cross-site scripting (XSS) vulnerability in lib/filelib.php in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via an assignment submission with zip compression, leading to text/html rendering during a "download all" action.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-07-21T01:00:00

Updated: 2024-08-06T19:34:23.873Z

Reserved: 2012-04-19T00:00:00

Link: CVE-2012-2364

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-07-21T03:38:56.377

Modified: 2024-11-21T01:38:57.340

Link: CVE-2012-2364

cve-icon Redhat

No data.