Lucene search
Redhat.comRH:CVE-2021-20279HistoryMay 20, 2022 - 11:33 p.m.
CVE-2021-20279
2022-05-2023:33:38
redhat.com
access.redhat.com
14
moodle
sanitizing
id number
user profile
stored xss
mitigation
user identity
patch.
EPSS
0.001
Percentile
33.0%
A flaw was found in moodle. The ID number user profile field requires additional sanitizing to prevent a stored XSS risk.
Mitigation
Disable the ID number field by unchecking it in Site admin > Users > User policies > Show user identity, until the patch has been applied.
Related
osv
osv
BIT-moodle-2021-20279
2024-03-06 11:11:03
CVE-2021-20279
2021-03-15 22:15:13
Moodle contains Stored XSS via ID number user profile field
2022-05-24 17:44:37
cvelist
cvelist
CVE-2021-20279
2021-03-15 21:35:37
prion
prion
Cross site scripting
2021-03-15 22:15:00
nvd
nvd
CVE-2021-20279
2021-03-15 22:15:13
github
github
Moodle contains Stored XSS via ID number user profile field
2022-05-24 17:44:37
ubuntucve
ubuntucve
CVE-2021-20279
2021-03-15 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2021-03-16 04:34:12
cve
cve
CVE-2021-20279
2021-03-15 22:15:13
openvas
openvas
Fedora: Security Advisory for moodle (FEDORA-2021-1c27e89d49)
2021-03-20 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2021-50f63a0161)
2021-03-24 00:00:00
Fedora: Security Advisory for moodle (FEDORA-2021-431b232659)
2021-03-24 00:00:00
nessus
nessus
Fedora 33 : moodle (2021-431b232659)
2021-03-23 00:00:00
Fedora 32 : moodle (2021-50f63a0161)
2021-03-23 00:00:00
Moodle 3.10.x < 3.10.2 Multiple Vulnerabilities
2023-02-20 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: moodle-3.10.2-1.fc34
2021-03-19 20:34:49
[SECURITY] Fedora 33 Update: moodle-3.9.5-1.fc33
2021-03-23 01:34:46
[SECURITY] Fedora 32 Update: moodle-3.8.8-1.fc32
2021-03-23 01:12:58