CVE-2012-2360

Moodle <2.0.9-2.2.3 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the Wiki subsystem in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted string that is inserted into a page title.

References (2)

Scores

EPSS 0.0016
EPSS Percentile 36.5%

Classification

CWE
CWE-79
Status published

Affected Products (19)

moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
... and 4 more

Timeline

Published Jul 21, 2012
Tracked Since Feb 18, 2026