CVE-2017-7266 (security_monkey)
Netflix Security Monkey before 0.8.0 has an Open Redirect. The logout functionality accepted the “next” parameter and then redirected to any domain, irrespective of the Host header.
In Moodle 3.x, XSS can occur via evidence of prior learning.
In Moodle 3.x, XSS can occur via attachments to evidence of prior learning.
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
In Moodle 3.2.x, global search displays user names for unauthenticated users.