4 matches found
CVE-2024-33997
Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation...
CVE-2024-33997
Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation...
CVE-2024-33997 moodle: stored XSS risk when editing another user's equation in equation editor
Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation...
CVE-2024-33997
Moodle has a stored XSS vulnerability (CVE-2024-33997) in the equation editor, triggered when editing another user’s equation. The issue stems from insufficient sanitizing, and sources consistently note that “additional sanitizing was required” to prevent the risk. The connected documents confirm...