Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:54
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.redhat.com/show_bug.cgi?id=2179418 - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF/ - | |
References | () https://moodle.org/mod/forum/discuss.php?d=445063 - Patch, Vendor Advisory |
19 Apr 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 04:10
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2023-03-23 21:15
Updated : 2024-11-21 07:54
NVD link : CVE-2023-28331
Mitre link : CVE-2023-28331
CVE.ORG link : CVE-2023-28331
JSON object : View
Products Affected
moodle
- moodle
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')