Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-14320

EPSS 0.75% · P73
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-14320

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing to prevent a reflected XSS risk.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Moodle 跨站脚本漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Moodle是一套免费、开源的电子学习软件平台,也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle 3.7.0版本至3.7.6版本、3.8.0版本至3.8.3版本和3.9.0版本中存在跨站脚本漏洞,该漏洞源于管理任务日志过滤器没有正确处理用户提供的数据。远程攻击者可借助特制链接利用该漏洞在用户浏览器中执行任意HTML和脚本代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Moodle Moodle 3.9, 3.8 to 3.8.3 and 3.7 to 3.7.6 -

II. Public POCs for CVE-2020-14320

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-14320

登录查看更多情报信息。

Same Patch Batch · n/a · 2022-08-16 · 112 CVEs total

CVE-2022-35106SWFTools 缓冲区错误漏洞
CVE-2022-35476OTFCC 缓冲区错误漏洞
CVE-2022-35478OTFCC 缓冲区错误漏洞
CVE-2022-36148fdkaac 安全漏洞
CVE-2022-36152tifig 安全漏洞
CVE-2022-36155tifig 安全漏洞
CVE-2022-35010PNGDec 缓冲区错误漏洞
CVE-2022-35009PNGDec 安全漏洞
CVE-2022-35011PNGDec 安全漏洞
CVE-2022-35012PNGDec 缓冲区错误漏洞
CVE-2022-35013PNGDec 资源管理错误漏洞
CVE-2022-35101SWFTools 缓冲区错误漏洞
CVE-2022-35100SWFTools 缓冲区错误漏洞
CVE-2022-35104SWFTools 缓冲区错误漏洞
CVE-2022-35447OTFCC 缓冲区错误漏洞
CVE-2022-35114SWFTools 缓冲区错误漏洞
CVE-2022-35433ffjpeg 安全漏洞
CVE-2022-35434jpeg-quantsmooth 安全漏洞
CVE-2022-35113SWFTools 缓冲区错误漏洞
CVE-2022-35449OTFCC 缓冲区错误漏洞

Showing top 20 of 112 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Moodle
Same vendor: n/a
Same weakness: CWE-79

V. Comments for CVE-2020-14320

No comments yet

Leave a comment