Unrated severityNVD Advisory· Published Jul 27, 2004· Updated Jun 16, 2026
CVE-2004-0725
CVE-2004-0725
Description
Cross-site scripting (XSS) vulnerability in help.php in Moodle 1.3.2 and 1.4 dev allows remote attackers to inject arbitrary web script or HTML via the file parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:moodle:moodle:1.1.1:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:moodle:moodle:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:1.3.2:*:*:*:*:*:*:*
- (no CPE)range: 1.3.2, 1.4 dev
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/10718nvdExploitPatchVendor Advisory
- cvs.sourceforge.net/viewcvs.py/moodle/moodle/help.phpnvd
- marc.infonvd
- exchange.xforce.ibmcloud.com/vulnerabilities/16684nvd
News mentions
0No linked articles in our index yet.