Medium severity5.3NVD Advisory· Published Jan 20, 2017· Updated May 13, 2026
CVE-2017-2576
CVE-2017-2576
Description
In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 2.7, < 2.7.18 | 2.7.18 |
moodle/moodlePackagist | >= 3.0, < 3.0.8 | 3.0.8 |
moodle/moodlePackagist | >= 3.1, < 3.1.4 | 3.1.4 |
moodle/moodlePackagist | >= 3.2, < 3.2.1 | 3.2.1 |
Affected products
37cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*+ 36 more
- cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*range: <=2.7.17
- cpe:2.3:a:moodle:moodle:2.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.10:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.11:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.12:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.8.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.8:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:2.9.9:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.2.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- moodle.org/mod/forum/discuss.phpnvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/95649nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-cjrf-xg77-chpwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-2576ghsaADVISORY
News mentions
0No linked articles in our index yet.