Miggo Logo
Miggo Vulnerability Database
CVE-2011-4280

CVE-2011-4280: Moodle vulnerable to XSS via bundled spikephpcoverage library

4.3

CVSS Score

Basic Information

CVE ID
CVE-2011-4280
GHSA ID
GHSA-mx5g-3vxh-rgm8
EPSS Score
0.85454%
CWE
CWE-79
Published
5/13/2022
Updated
1/17/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
moodle/moodlecomposer>= 2.0, < 2.0.22.0.2

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis:
In progress

WAF Protection Rules

WAF Rule

*ross-sit* s*riptin* (XSS) vuln*r**ility in t** Spik* P*P*ov*r*** (*k* spik*p*p*ov*r***) li*r*ry, *s us** in Moo*l* *.*.x ***or* *.*.* *n* ot**r pro*u*ts, *llows r*mot* *tt**k*rs to inj**t *r*itr*ry w** s*ript or *TML vi* unsp**i*i** v**tors.

Reasoning

No *n*lysis *v*il**l*