CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23921

The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in some returnurl parameters. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.7%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2023-23921

Moodle » Moodle » Version: 3.11.0

cpe:2.3:a:moodle:moodle:3.11.0
Moodle » Moodle » Version: 3.11.1

cpe:2.3:a:moodle:moodle:3.11.1
Moodle » Moodle » Version: 3.11.10

cpe:2.3:a:moodle:moodle:3.11.10
Moodle » Moodle » Version: 3.11.11

cpe:2.3:a:moodle:moodle:3.11.11
Moodle » Moodle » Version: 3.11.2

cpe:2.3:a:moodle:moodle:3.11.2
Moodle » Moodle » Version: 3.11.3

cpe:2.3:a:moodle:moodle:3.11.3
Moodle » Moodle » Version: 3.11.4

cpe:2.3:a:moodle:moodle:3.11.4
Moodle » Moodle » Version: 3.11.5

cpe:2.3:a:moodle:moodle:3.11.5
Moodle » Moodle » Version: 3.11.6

cpe:2.3:a:moodle:moodle:3.11.6
Moodle » Moodle » Version: 3.11.7

cpe:2.3:a:moodle:moodle:3.11.7
Moodle » Moodle » Version: 3.11.8

cpe:2.3:a:moodle:moodle:3.11.8
Moodle » Moodle » Version: 3.11.9

cpe:2.3:a:moodle:moodle:3.11.9
Moodle » Moodle » Version: 3.9.0

cpe:2.3:a:moodle:moodle:3.9.0
Moodle » Moodle » Version: 3.9.1

cpe:2.3:a:moodle:moodle:3.9.1
Moodle » Moodle » Version: 3.9.10

cpe:2.3:a:moodle:moodle:3.9.10
Moodle » Moodle » Version: 3.9.11

cpe:2.3:a:moodle:moodle:3.9.11
Moodle » Moodle » Version: 3.9.12

cpe:2.3:a:moodle:moodle:3.9.12
Moodle » Moodle » Version: 3.9.13

cpe:2.3:a:moodle:moodle:3.9.13
Moodle » Moodle » Version: 3.9.14

cpe:2.3:a:moodle:moodle:3.9.14
Moodle » Moodle » Version: 3.9.15

cpe:2.3:a:moodle:moodle:3.9.15
Moodle » Moodle » Version: 3.9.16

cpe:2.3:a:moodle:moodle:3.9.16
Moodle » Moodle » Version: 3.9.17

cpe:2.3:a:moodle:moodle:3.9.17
Moodle » Moodle » Version: 3.9.18

cpe:2.3:a:moodle:moodle:3.9.18
Moodle » Moodle » Version: 3.9.2

cpe:2.3:a:moodle:moodle:3.9.2
Moodle » Moodle » Version: 3.9.3

cpe:2.3:a:moodle:moodle:3.9.3
Moodle » Moodle » Version: 3.9.4

cpe:2.3:a:moodle:moodle:3.9.4
Moodle » Moodle » Version: 3.9.5

cpe:2.3:a:moodle:moodle:3.9.5
Moodle » Moodle » Version: 3.9.6

cpe:2.3:a:moodle:moodle:3.9.6
Moodle » Moodle » Version: 3.9.7

cpe:2.3:a:moodle:moodle:3.9.7
Moodle » Moodle » Version: 3.9.8

cpe:2.3:a:moodle:moodle:3.9.8
Moodle » Moodle » Version: 3.9.9

cpe:2.3:a:moodle:moodle:3.9.9
Moodle » Moodle » Version: 4.0.0

cpe:2.3:a:moodle:moodle:4.0.0
Moodle » Moodle » Version: 4.0.1

cpe:2.3:a:moodle:moodle:4.0.1
Moodle » Moodle » Version: 4.0.2

cpe:2.3:a:moodle:moodle:4.0.2
Moodle » Moodle » Version: 4.0.3

cpe:2.3:a:moodle:moodle:4.0.3
Moodle » Moodle » Version: 4.0.5

cpe:2.3:a:moodle:moodle:4.0.5
Moodle » Moodle » Version: 4.1.0

cpe:2.3:a:moodle:moodle:4.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23921

Products

Pricing

Contact Us