unclear CSS - attack

Re: unclear CSS - attack

by Bjarne Oldsen -
Number of replies: 1

Hi James,


thanks for your answer. We are running Moodle 2.9.8.

When I trigger it manually by opening the link in the browser I get a search field in the middle of the page (adaptable theme).

I can hover the search field without getting a popup.   Inside the seachbox I can see some plain javascript code (see attachment) but without tags of course. So IMHO it's not interpreted. no vulnerability given here.


hope you'd like to add something.


Best Regards,

Bjarne 


Attachment Bildschirmfoto 2017-11-07 um 12.16.29.png
Average of ratings: -
In reply to Bjarne Oldsen

Re: unclear CSS - attack

by Ralf Hilgenstock -
Picture of Core developers Picture of Particularly helpful Moodlers Picture of Translators

Hi Bjarne

your hoster should upgrade the site to 3.1. LTS version or 3.3 or 3.4. These versions are maintained.

ralf

Average of ratings: -