EPSS
Percentile
33.0%
moodle/moodle is vulnerable to cross-site scripting (XSS). An attacker is able to inject and execute arbitrary Javascript in user’s browser via by storing a malicious payload within the ID number from the user profile field.
bugzilla.redhat.com/show_bug.cgi?id=1939033
lists.fedoraproject.org/archives/list/[email protected]/message/AFSNJ7XHVTC52RSRX2GBQFF3VEEAY2MS/
lists.fedoraproject.org/archives/list/[email protected]/message/UFH5DDMU5TZ3JT4Q52WMRAHACA5MHIMT/
moodle.org/mod/forum/discuss.php?d=419650