First published: Wed Mar 18 2020(Updated: )
A vulnerability was found in moodle 3.7 before 3.7.3, where there is blind XSS reflected in some locations where user email is displayed.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | >=3.7.0<3.7.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-14881 is a vulnerability found in Moodle 3.7 before version 3.7.3, which allows for blind cross-site scripting (XSS) attacks.
CVE-2019-14881 affects Moodle versions 3.7 to 3.7.2 and versions before 3.7.3, where blind XSS can be reflected in some locations where user email is displayed.
CVE-2019-14881 has a severity rating of 6.1 (medium).
To fix CVE-2019-14881 vulnerability, you should update your Moodle installation to version 3.7.3 or later.
You can find more information about CVE-2019-14881 on the NIST National Vulnerability Database page, Red Hat Bugzilla, and the Moodle forums.