← Back

Xblock Drag And Drop V2

xblock-drag-and-drop-v2

Vendor: Open.edx • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2022-46147
1Open.edx
1Xblock Drag And Drop V2
Nov 21, 2024
Nov 28, 2022
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag items to zones on a target image. Versions prior to 3.0.0 are vulnerable to cross-site scripting in multiple XBlock Fields. An...Show more
Drag and Drop XBlock v2 implements a drag-and-drop style problem, where a learner has to drag items to zones on a target image. Versions prior to 3.0.0 are vulnerable to cross-site scripting in multiple XBlock Fields. Any platform that has deployed the XBlock may be impacted. Version 3.0.0 contains a patch for this issue. There are no known workarounds.Show less