Описание
The stored-XSS vulnerability was discovered in Moodle which exists due to insufficient sanitization of user-supplied data in several "social" user profile fields. An attacker could inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Ссылки
Уязвимые конфигурации
Одно из
Одно из
EPSS
5.4 Medium
CVSS3
Дефекты
Связанные уязвимости
The stored-XSS vulnerability was discovered in Moodle which exists due to insufficient sanitization of user-supplied data in several "social" user profile fields. An attacker could inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
The stored-XSS vulnerability was discovered in Moodle which exists due ...
Moodle stored-XSS vulnerability in some "social" user profile fields
Уязвимость системы управления курсами Moodle, связанная с недостаточной очисткой пользовательских данных в нескольких «социальных» полях профиля пользователя, позволяющая нарушителю выполнять атаки с использованием межсайтовых сценариев (XSS)
EPSS
5.4 Medium
CVSS3