CVE-2024-37674

描述

Cross Site Scripting vulnerability in Moodle CMS v3.10 allows a remote attacker to execute arbitrary code via the Field Name (name parameter) of a new activity.

受影響套件(1)

• Bitnami/moodle>= 3.10.0, < 4.1.10

CVSS 分數

參考連結(3)

• WEBhttp://moodle.com
• WEBhttps://github.com/MohamedAzizMSALLEMI/Moodle_Security/blob/main/CVE-2024-37674.md
• WEBhttps://nvd.nist.gov/vuln/detail/CVE-2024-37674