EPSS
Percentile
30.5%
Moodle is vulnerable to cross-site scripting attacks. These attacks are possible through the course summary filter on the Add a new course page by passing an attribute to it. Note: This is not going to be fixed by the Moodle team.
Add a new course
www.daimacn.com/index.php/post/12.html
www.securityfocus.com/bid/97182
docs.moodle.org/30/en/Security_FAQ#I_have_discovered_Cross_Site_Scripting_.28XSS.29_is_possible_with_Moodle
security-tracker.debian.org/tracker/CVE-2017-7298
tracker.moodle.org/browse/MDL-52038