moodle/moodle is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to insufficient escaping of participants’ names in the participant’s page table, allowing for malicious code injection when interacting with certain features.
CPE | Name | Operator | Version |
---|---|---|---|
moodle/moodle | le | v4.3.3 | |
moodle/moodle | le | v4.1.9 | |
moodle/moodle | le | v4.2.6 | |
moodle/moodle | le | v4.3.3 | |
moodle/moodle | le | v4.1.9 | |
moodle/moodle | le | v4.2.6 |