vulnerability
Moodle: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CVE-2022-40313)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Sep 30, 2022 | Oct 6, 2022 | Jan 28, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Sep 30, 2022
Added
Oct 6, 2022
Modified
Jan 28, 2025
Description
Recursive rendering of Mustache template helpers containing user input could, in some cases, result in an XSS risk or a page failing to load.
Solutions
moodle-upgrade-3_11_10moodle-upgrade-3_9_17moodle-upgrade-4_0_4
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.