发布于3月6日3月6日 Members Moodle: Stored XSS in quiz override screens via user ID number (CVE-2021-36399) Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 03/06/2023 Created 03/17/2023 Added 03/17/2023 Modified 01/28/2025 Description In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk. Solution(s) moodle-upgrade-3_11_1 References https://attackerkb.com/topics/cve-2021-36399 CVE - 2021-36399 https://moodle.org/mod/forum/discuss.php?d=424805
