A server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary content, potentially altering configuration. This is possible through the certificate validation functionality where the API accepts uploaded content and doesn't parse for invalid data.

According to its self-reported version, the Moodle install hosted on the remote host is 4.2.x prior to 4.2.4 or 4.3.x prior to 4.3.1. It is, therefore, affected by multiple cross-site scripting:

- Reflected XSS risk on ad-hoc tasks page

- Reflected XSS risk in grader report search

- Stored XSS in grader report via user ID number

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Trellix Enterprise Security Manager running on the remote web server is prior to 11.6.8. It is, therefore, affected by a server-side request forgery (SSRF) vulnerability. Due to a flaw in the certificate validation functionality, a remote, authenticated attacker can upload arbitrary content, potentially altering configuration.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
114735	Moodle 4.3.x < 4.3.1 Multiple Cross-Site Scripting	Web App Scanning	Component Vulnerability	medium
114734	Moodle 4.2.x < 4.2.4 Multiple Cross-Site Scripting	Web App Scanning	Component Vulnerability	medium
186467	Trellix Enterprise Security Manager < 11.6.8 SSRF	Nessus	CGI abuses	medium

Detections

Analytics

CVE-2023-6670

medium

Tenable Plugins

medium

medium

medium