CVE-2018-20858
CVE-2018-20858 affects the Recommender XBlock (edX Recommender) with a cross-site scripting vulnerability in versions prior to 2018-07-18. The issue stems from improper validation of client-side data, enabling XSS when a user views a crafted resource. Public advisories (GHSA) indicate this could ...