Multiple cross-site scripting (XSS) vulnerabilities in the File Picker module in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 allow remote authenticated users to inject arbitrary web script or HTML via a crafted filename.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-03-25T21:00:00

Updated: 2024-08-06T15:13:33.246Z

Reserved: 2013-02-19T00:00:00

Link: CVE-2013-1833

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-03-25T21:55:04.417

Modified: 2020-12-01T14:52:24.377

Link: CVE-2013-1833

cve-icon Redhat

No data.