Vulnerabilities > CVE-2021-25006 - Unspecified vulnerability in Molie Instructure Canvas Linking Tool Project Molie Instructure Canvas Linking Tool 0.5

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

molie-instructure-canvas-linking-tool-project

NVD

Published: 2022-03-14

Updated: 2024-11-21

Summary

The MOLIE WordPress plugin through 0.5 does not escape the course_id parameter before outputting it back in the admin dashboard, leading to a Reflected Cross-Site Scripting issue

Vulnerable Configurations

Part	Description	Count
Application	Molie_Instructure_Canvas_Linking_Tool_Project Molie Instructure Canvas Linking Tool Project Molie Instructure Canvas Linking Tool 0.5	1

References

https://wpscan.com/vulnerability/dbe2c6ca-d2f1-40a2-83d5-4623c22d4d61
https://wpscan.com/vulnerability/dbe2c6ca-d2f1-40a2-83d5-4623c22d4d61