VYPR
Medium severity6.1NVD Advisory· Published Sep 18, 2017· Updated Jun 17, 2026

CVE-2017-12156

CVE-2017-12156

Description

Moodle 3.x has XSS in the contact form on the "non-respondents" page in non-anonymous feedback.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
moodle/moodlePackagist
>= 3.3.0, < 3.3.23.3.2
moodle/moodlePackagist
>= 3.2.0, < 3.2.53.2.5
moodle/moodlePackagist
< 3.1.83.1.8

Affected products

44
  • Moodle/Moodle43 versions
    cpe:2.3:a:moodle:moodle:3.0.0:*:*:*:*:*:*:*+ 42 more
    • cpe:2.3:a:moodle:moodle:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.0:rc4:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.0:rc4:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.0:rc5:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:moodle:moodle:3.3.2:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 3.3.0, < 3.3.2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.