CVE-2011-4278

Moodle <2.0.2 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (3)

Scores

EPSS 0.0030
EPSS Percentile 52.7%

Classification

CWE
CWE-79
Status published

Affected Products (14)

moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle < 1.9.11Packagist
n/a/n/a

Timeline

Published Jul 16, 2012
Tracked Since Feb 18, 2026