EPSS
Percentile
65.5%
Moodle is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary JavaScript through the lti_typename parameter or the lti_toolurl parameter.
lti_typename
lti_toolurl
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31692
openwall.com/lists/oss-security/2012/07/17/1
secunia.com/advisories/49890
www.securityfocus.com/bid/54481
exchange.xforce.ibmcloud.com/vulnerabilities/76965