First published: Thu Jan 28 2021(Updated: )
It was found in Moodle before version 3.10.1, 3.9.4, 3.8.7 and 3.5.16 that if the TeX notation filter was enabled, additional sanitizing of TeX content was required to prevent the risk of stored XSS.
Credit: secalert@redhat.com secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Moodle Moodle | <3.5.16 | |
Moodle Moodle | >=3.8.0<3.8.7 | |
Moodle Moodle | >=3.9.0<3.9.4 | |
Moodle Moodle | >=3.10.0<3.10.1 | |
composer/moodle/moodle | >=3.5<3.5.16 | 3.5.16 |
composer/moodle/moodle | >=3.8<3.8.7 | 3.8.7 |
composer/moodle/moodle | >=3.9<3.9.4 | 3.9.4 |
composer/moodle/moodle | >=3.10<3.10.1 | 3.10.1 |
<3.5.16 | ||
>=3.8.0<3.8.7 | ||
>=3.9.0<3.9.4 | ||
>=3.10.0<3.10.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.