Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in blocks/html/block_html.php in Snoopy 1.2.3, as used in Moodle 1.6 before 1.6.9, 1.7 before 1.7.7, 1.8 before 1.8.8, and 1.9 before 1.9.4, allows remote attackers to inject arbitrary web script or HTML via an HTML block, which is not properly handled when the "Login as" feature is used to visit a MyMoodle or Blog page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Moodle Snoopy 跨站脚本漏洞
Vulnerability Description
Moodle是一套免费、开源的电子学习软件平台,也称课程管理系统、学习管理系统或虚拟学习环境。Snoopy是一款模拟Web浏览器的PHP类,它提供网页内容检索和表单发布等功能。 Snoopy 1.2.3版本中的blocks/html/block_html.php存在跨站脚本漏洞。当在Moodle 1.6.9之前的1.6,1.7.7之前的1.7,1.8.8之前的1.8以及1.9.4之前的1.9版本中使用时,远程攻击者可以借助一个HTML block,注入任意的web脚本或HTML。当"以...身份登录"特性
CVSS Information
N/A
Vulnerability Type
N/A