CVE-2024-43437

Summary

A flaw was found in moodle. Insufficient sanitizing of data when performing a restore could result in a cross-site scripting (XSS) risk from malicious backup files.

Affected Software

VendorProductVersion RangeStatus
0 < 4.1.12affected
4.2 < 4.2.9affected
4.3 < 4.3.6affected
4.4 < 4.4.2affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References