CVE-2020-25627

Summary

The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.

Affected Software

VendorProductVersion RangeStatus
n/aMoodle3.9 to 3.9.1affected

Weaknesses

  • CWE-79: CWE-79

ADP Enrichment

CVE Program Container

Additional References

References