Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:34689
HistoryMar 15, 2022 - 6:59 a.m.

Cross-site Scripting (XSS)

2022-03-1506:59:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17

0.001 Low

EPSS

Percentile

22.8%

moodle/moodle is vulnerable to stored cross-site scripting. The vulnerability exists in get_question_heading function in report.php due to lack of sanitization which allows an attacker to inject and execute arbitrary javascript.

0.001 Low

EPSS

Percentile

22.8%