EPSS
Percentile
36.6%
moodle/moodle is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the URL parameter of the filetype site administrator tool, allowing an attacker to inject and execute malicious javascript.
bugzilla.redhat.com/show_bug.cgi?id=2021515
github.com/moodle/moodle/commit/9d0d93a9c41822ff32fedb20fc87f587d213a293
moodle.org/mod/forum/discuss.php?d=429097