The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | eq | 3.9.0-rc3 | |
moodle/moodle | eq | 3.9.0 | |
moodle/moodle | eq | 3.9.0-beta | |
moodle/moodle | eq | 3.9.1 | |
moodle/moodle | eq | 3.9.0-rc1 | |
moodle/moodle | eq | 3.9.0-rc2 |