CVE-2025-67850

CVE-2025-67850

A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting (XSS), occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions, the malicious code would execute in their web browsers, potentially compromising their data or leading to unauthorized actions.

CVE-2025-67850

A flaw was found in moodle. This vulnerability, known as Cross-Site Sc ...

GHSA-6mmv-f6c6-v6q8

Moodle vulnerable to Cross-site Scripting

BDU:2025-11660

Уязвимость виртуальной обучающей среды Moodle, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю получить провести атаку межсайтового скриптинга (XSS)