CVE-2012-2365

Moodle <2.0.9-2.2.3 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the idnumber field to cohort/edit.php.

References (4)

Scores

EPSS 0.0018
EPSS Percentile 39.3%

Classification

CWE
CWE-79
Status published

Affected Products (19)

moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
... and 4 more

Timeline

Published Jul 21, 2012
Tracked Since Feb 18, 2026