First published: Wed Mar 29 2017(Updated: )
In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | =3.2.2 | |
composer/moodle/moodle | >=3.2<=3.2.2 | |
=3.2.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.