First published: Wed Dec 09 2020(Updated: )
The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | >=3.9.0<3.9.2 | |
composer/moodle/moodle | >=3.9<3.9.2 | 3.9.2 |
>=3.9.0<3.9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.