CVE-2023-5547
published 2023-11-09CVE-2023-5547: The course upload preview contained an XSS risk for users uploading unsafe data.
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
The course upload preview contained an XSS risk for users uploading unsafe data.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| moodle | moodle | >= 0 < 4.3.0-rc2 | 4.3.0-rc2 |
| moodle | moodle | >= 3.11.0 < 3.11.17 | 3.11.17 |
| moodle | moodle | >= 3.9.0 < 3.9.24 | 3.9.24 |
| moodle | moodle | >= 4.0.0 < 4.0.11 | 4.0.11 |
| moodle | moodle | >= 4.1.0 < 4.1.6 | 4.1.6 |
| moodle | moodle | >= 4.2.0 < 4.2.3 | 4.2.3 |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv6.1MEDIUM