Vulnerabilities > Fedoraproject > Extra Packages FOR Enterprise Linux > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-11-22	CVE-2021-43558	Cross-site Scripting vulnerability in multiple products A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. network low complexity moodle fedoraproject CWE-79	6.1
2021-11-22	CVE-2021-43560	Exposure of Resource to Wrong Sphere vulnerability in multiple products A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. network low complexity moodle fedoraproject CWE-668	5.3
2021-01-05	CVE-2020-27842	There's a flaw in openjpeg's t2 encoder in versions prior to 2.4.0. local low complexity uclouvain fedoraproject debian redhat oracle	5.5
2020-01-16	CVE-2020-7106	Cross-site Scripting vulnerability in multiple products Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). network low complexity cacti debian opensuse suse fedoraproject CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.