CVE-2022-30596

Summary

A flaw was found in moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk.

Affected Software

VendorProductVersion RangeStatus
n/amoodleAffects : 4.0, 3.11 to 3.11.6, 3.10 to 3.10.10, 3.9 to 3.9.13 and earlier unsupported versionsaffected

Weaknesses

  • CWE-79: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

References