CVE-2022-35653
Published 2022-07-25
Severity: medium, CVSS 3.1 base score 6.1
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Tags: EXPLOIT
A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website, in order to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks. This vulnerability does not impact authenticated users.
Affected (11 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | — | — |
| moodle | moodle | >= 3.11 < 3.11.8 | 3.11.8 |
| moodle | moodle | >= 3.11.0 < 3.11.8 | 3.11.8 |
| moodle | moodle | >= 3.9 < 3.9.15 | 3.9.15 |
| moodle | moodle | >= 3.9.0 < 3.9.15 | 3.9.15 |
| moodle | moodle | >= 4.0 < 4.0.2 | 4.0.2 |
| redhat | enterprise_linux | — | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
| osv | — | 6.1 | MEDIUM | — |
| vulncheck | — | 6.1 | MEDIUM | — |
GHSA
Moodle LTI module reflected XSS risk
ghsa · 2022-07-26 · CVE-2022-35653 [MEDIUM] · CWE-79
OSV
Moodle LTI module reflected XSS risk
osv · 2022-07-26 · CVE-2022-35653 [MEDIUM]
OSV
CVE-2022-35653: A reflected XSS issue was identified in the LTI module of Moodle
osv · 2022-07-25 · CVE-2022-35653 [MEDIUM] · CVSS 6.1
VulnCheck
Moodle moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
vulncheck · 2022 · CVE-2022-35653 [MEDIUM] · CVSS 6.1
Affected: Moodle moodle
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable
No detection rules found.
Nuclei
Moodle LTI module Reflected - Cross-Site Scripting
nuclei · CVE-2022-35653 [MEDIUM] · CVSS 6.1
Template (truncated as received):

```yaml
id: CVE-2022-35653
info:
  name: Moodle LTI module Reflected - Cross-Site Scripting
  author: iamnoooob,pdresearch
  severity: medium
  description: |
    A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of u
```
Greynoiseio
NoiseLetter June 2025
blogs_greynoiseio
HackerOne
Reflected XSS via Moodle on ███ [CVE-2022-35653]
hackerone · 2024-05-03 · CVE-2022-35653 [MEDIUM] · CVSS 6.1
Hi Security Team,
I found an XSS vulnerability on your website [CVE-2022-35653].
Reference: https://vulners.com/nuclei/NUCLEI:CVE-2022-35653
If you want to test this:
```yaml
id: CVE-2022-35653
info:
  name: Moodle LTI module Reflected - Cross-Site Scripting
  author: iamnoooob,pdresearch
  severity: medium
  description: |
    A reflected XSS issue was identified in the LTI module of Moodle. The vulnerability exists due to insufficient sanitization of user-supplied data in the LTI module. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website to steal potentially sensitive information, change appearance of the web page, can perform phishing and d
```
References:
- http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72299
- https://bugzilla.redhat.com/show_bug.cgi?id=2106277
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MOKYVRNFNAODP2XSMGJ5CRDUZCZKAR3/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MTKUSFPSYFINSQFSOHDQIDVE6FWBEU6V/
- https://moodle.org/mod/forum/discuss.php?d=436460