-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIA Semantic Attack on Google Gemini - Read the Latest Research
A Semantic Attack on Google Gemini - Read the Latest Research
Miggo AI
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| moodle/moodle | composer | >= 2.0, < 2.0.2 | 2.0.2 |
| moodle/moodle | composer | < 1.9.11 | 1.9.11 |
Miggo AIRoot Cause AnalysisThe analysis is based on the patches provided for the Moodle XSS vulnerability. The changes in tag_autocomplete.php, tag/lib.php, and lib/moodlelib.php directly relate to the handling and sanitization of tag names, indicating that tag_autocomplete and the sanitization logic in clean_param are key to understanding the vulnerability. tag_display_name is also relevant as it handles tag names and was modified to enhance sanitization.