CNNVD-202506-3017 Information

CNNVD ID

CNNVD-202506-3017

Related CVE

CVE-2025-34032

• CNNVD Published: 2025-06-24

Description (Chinese)

Moodle LMS Jmol plugin是Moodle开源的一款插件。 Moodle LMS Jmol plugin 6.1及之前版本存在跨站脚本漏洞，该漏洞源于jsmol.php中data参数未清理导致反射型跨站脚本攻击。

Description (English)

Moodle LMS Jmol plugin is an open-source plugin for Modle. Moodle LMS Jmol plugin 6.1 and earlier versions had a cross-site script loophole, which stemmed from the fact that the non-cleaning of the data parameters in jsmol.php resulted in a reflective cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Moodle

Published

2025-06-24

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/46881 https://www.dionach.com/moodle-jmol-plugin-multiple-vulnerabilities/ https://vulncheck.com/advisories/moodle-lms-jmol-plugin-xss https://access.redhat.com/security/cve/cve-2025-34032