Cross-site scripting (XSS) vulnerability in mod/feedback/mapcourse.php in the Feedback module in Moodle through 2.4.11, 2.5.x before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the mod/feedback:mapcourse capability to provide a searchcourse parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2014-11-24T11:00:00
Updated: 2024-08-06T13:03:26.817Z
Reserved: 2014-10-03T00:00:00
Link: CVE-2014-7830
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-11-24T11:59:00.100
Modified: 2020-12-01T14:54:45.183
Link: CVE-2014-7830
Redhat
No data.