Search for vulnerabilities
Vulnerability ID | VCID-w5s9-wjpe-bkc1 |
Aliases |
CVE-2013-7341
GHSA-j6c3-3c4w-qv8p |
Summary | Moodle cross-site scripting (XSS) vulnerabilities Multiple cross-site scripting (XSS) vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by (1) providing a crafted playerId or (2) referencing an external domain, a related issue to CVE-2013-7342. |
Status | Published |
Exploitability | 0.5 |
Weighted Severity | 6.2 |
Risk | 3.1 |
Affected and Fixed Packages | Package Details |
Percentile | 0.49074 |
EPSS Score | 0.00258 |
Published At | June 30, 2025, 12:55 p.m. |
Date | Actor | Action | Source | VulnerableCode Version |
---|---|---|---|---|
2025-07-01T12:27:42.590891+00:00 | GithubOSV Importer | Import | https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-j6c3-3c4w-qv8p/GHSA-j6c3-3c4w-qv8p.json | 36.1.3 |