moodle/moodle is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of sanitization in the Header and Footer
parameter in settings.php
which allows an attacker to inject and execute arbitrary JavaScript into the browser.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | le | v4.2.0 | |
moodle/moodle | le | v4.2.0 |