EPSS
Percentile
59.1%
Moodle is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary web script with an external DB profile field.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50705
www.openwall.com/lists/oss-security/2016/03/21/1
www.securitytracker.com/id/1035333
moodle.org/mod/forum/discuss.php?d=330174