CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25631

A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 to 3.7.7 where it was possible to include JavaScript in a book's chapter title, which was not escaped on the "Add new chapter" page. This is fixed in 3.9.2, 3.8.5 and 3.7.8.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.1%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2020-25631

Moodle » Moodle » Version: 3.7.0

cpe:2.3:a:moodle:moodle:3.7.0
Moodle » Moodle » Version: 3.7.1

cpe:2.3:a:moodle:moodle:3.7.1
Moodle » Moodle » Version: 3.7.2

cpe:2.3:a:moodle:moodle:3.7.2
Moodle » Moodle » Version: 3.7.3

cpe:2.3:a:moodle:moodle:3.7.3
Moodle » Moodle » Version: 3.7.4

cpe:2.3:a:moodle:moodle:3.7.4
Moodle » Moodle » Version: 3.7.5

cpe:2.3:a:moodle:moodle:3.7.5
Moodle » Moodle » Version: 3.7.6

cpe:2.3:a:moodle:moodle:3.7.6
Moodle » Moodle » Version: 3.7.7

cpe:2.3:a:moodle:moodle:3.7.7
Moodle » Moodle » Version: 3.8.0

cpe:2.3:a:moodle:moodle:3.8.0
Moodle » Moodle » Version: 3.8.1

cpe:2.3:a:moodle:moodle:3.8.1
Moodle » Moodle » Version: 3.8.2

cpe:2.3:a:moodle:moodle:3.8.2
Moodle » Moodle » Version: 3.8.3

cpe:2.3:a:moodle:moodle:3.8.3
Moodle » Moodle » Version: 3.8.4

cpe:2.3:a:moodle:moodle:3.8.4
Moodle » Moodle » Version: 3.9.0

cpe:2.3:a:moodle:moodle:3.9.0
Moodle » Moodle » Version: 3.9.1

cpe:2.3:a:moodle:moodle:3.9.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-25631

Products

Pricing

Contact Us