CVE-2021-36401

描述

In Moodle, ID numbers exported in HTML data formats required additional sanitizing to prevent a local stored XSS risk.

受影響套件(2)

• Bitnami/moodlefrom 0, < 3.9.8, >= 3.10.0, < 3.10.5, >= 3.11.0, < 3.11.1
• Packagist/moodle/moodle>= 3.11.0-beta, < 3.11.1

CVSS 分數

參考連結(3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-36401
• PATCHhttps://github.com/moodle/moodle
• WEBhttps://moodle.org/mod/forum/discuss.php?d=424807