Medium severity6.1NVD Advisory· Published Jan 20, 2017· Updated May 13, 2026
CVE-2017-2578
CVE-2017-2578
Description
In Moodle 3.x, there is XSS in the assignment submission page.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 3.1, < 3.1.4 | 3.1.4 |
moodle/moodlePackagist | >= 3.2, < 3.2.1 | 3.2.1 |
Affected products
14cpe:2.3:a:moodle:moodle:3.1.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:moodle:moodle:3.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.0:beta:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.2.0:beta:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.2.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.2.0:rc3:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.2.0:rc4:*:*:*:*:*:*
- cpe:2.3:a:moodle:moodle:3.2.0:rc5:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- moodle.org/mod/forum/discuss.phpnvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/95647nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-6r76-f8c8-fh7pghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-2578ghsaADVISORY
News mentions
0No linked articles in our index yet.