VDB
GCVE-110-MAGEIA-2013-280
GCVE-110-MAGEIA-2013-280
Advisory Published
Updated moodle package fixes security vulnerabilities:
Null characters were allowed in query strings in Moodle before 2.4.6, which
caused sql statements to terminate and fail, potentially allowing sql
injection in Moodle's SQL Server driver (CVE-2013-4313).
Links to external blogs were not being adequately cleaned in Moodle before
2.4.6, potentially allowing for XSS attacks (CVE-2013-4341).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | moodle | 0 (affected), 2.4.6-1.mga3 (unaffected) | — |
Aliases
References
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.