EPSS
Percentile
48.8%
moodle/moodle is vulnerable to cross-site scripting.The vulnerability exists due to additional input escaping of lib/phpunit/classes/util.php parameter which allows a remote attacker to inject and execute malicious code into the system.
lib/phpunit/classes/util.php
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-67726
github.com/advisories/GHSA-625r-4rf7-g699
github.com/moodle/moodle/commit/f070dd126f7a2d63144186b73c2313badc7a2a4c
moodle.org/mod/forum/discuss.php?d=398352