CVE-2014-0218
Moodle <2.6.3 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the URL downloader repository in repository/url/lib.php in Moodle through 2.3.11, 2.4.x before 2.4.10, 2.5.x before 2.5.6, and 2.6.x before 2.6.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (4)
Scores
EPSS
0.0026
EPSS Percentile
48.7%
Details
CWE
CWE-79
Status
published
Products (50)
moodle/moodle
< 2.3.11
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
moodle/moodle
... and 40 more
Published
May 27, 2014
Tracked Since
Feb 18, 2026