VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-7g7m-bu5q-gbcx

Vulnerability ID	VCID-7g7m-bu5q-gbcx
Aliases	CVE-2014-0218 GHSA-ch68-5r37-p7c3
Summary	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Cross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
There are no known severity scores.

Reference id	Reference type	URL
		http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-45332
		http://openwall.com/lists/oss-security/2014/05/19/1
		https://github.com/moodle/moodle/commit/5c276a4c324b5137064496d6dd68e71476015fcd
		https://github.com/moodle/moodle/commit/729783c4ba971413198f30784b48e3f2107a8da6
		https://github.com/moodle/moodle/commit/b8a6f7d19d623bcf992d8ecda94324100bc50e9d
		https://github.com/moodle/moodle/commit/c5e8a036c509197bb2927f47c0579992be479f35
		https://moodle.org/mod/forum/discuss.php?d=260366
		https://web.archive.org/web/20141224120458/http://www.securityfocus.com/bid/67479
CVE-2014-0218		https://nvd.nist.gov/vuln/detail/CVE-2014-0218
GHSA-ch68-5r37-p7c3		https://github.com/advisories/GHSA-ch68-5r37-p7c3

No exploits are available.

There are no known vectors.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-02T04:42:57.710088+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2014-0218.yml	38.6.0