EPSS
Percentile
22.7%
moodle/moodle is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary Javascript in a user’s browser via the introeditor[text] parameter or the TinyMCE HTML editor
introeditor[text]
docs.moodle.org/38/en/Teacher_role
gist.github.com/Danbardo/4a6b0fe8cb21ec6d7c54e6ac951bdb0a