Your submission was sent successfully! Close

CVE-2022-45151

Published: 23 November 2022

The stored-XSS vulnerability was discovered in Moodle which exists due to insufficient sanitization of user-supplied data in several "social" user profile fields. An attacker could inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Priority

Medium

CVSS 3 base score: 5.4

Status

Package Release Status
moodle
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Does not exist

jammy Does not exist

kinetic Does not exist

trusty Ignored
(out of standard support)
upstream Needs triage

xenial Ignored
(out of standard support)