Vulnerability Details CVE-2023-35131
Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.2%
CVSS Severity
CVSS v3 Score 6.1
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2214369
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/
- https://moodle.org/mod/forum/discuss.php?d=447829
- https://bugzilla.redhat.com/show_bug.cgi?id=2214369
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT/
- https://moodle.org/mod/forum/discuss.php?d=447829
Products affected by CVE-2023-35131
-
cpe:2.3:a:moodle:moodle:3.11.0
-
cpe:2.3:a:moodle:moodle:3.11.1
-
cpe:2.3:a:moodle:moodle:3.11.10
-
cpe:2.3:a:moodle:moodle:3.11.11
-
cpe:2.3:a:moodle:moodle:3.11.12
-
cpe:2.3:a:moodle:moodle:3.11.13
-
cpe:2.3:a:moodle:moodle:3.11.14
-
cpe:2.3:a:moodle:moodle:3.11.2
-
cpe:2.3:a:moodle:moodle:3.11.3
-
cpe:2.3:a:moodle:moodle:3.11.4
-
cpe:2.3:a:moodle:moodle:3.11.5
-
cpe:2.3:a:moodle:moodle:3.11.6
-
cpe:2.3:a:moodle:moodle:3.11.7
-
cpe:2.3:a:moodle:moodle:3.11.8
-
cpe:2.3:a:moodle:moodle:3.11.9
-
cpe:2.3:a:moodle:moodle:4.0.0
-
cpe:2.3:a:moodle:moodle:4.0.1
-
cpe:2.3:a:moodle:moodle:4.0.2
-
cpe:2.3:a:moodle:moodle:4.0.3
-
cpe:2.3:a:moodle:moodle:4.0.5
-
cpe:2.3:a:moodle:moodle:4.0.6
-
cpe:2.3:a:moodle:moodle:4.0.7
-
cpe:2.3:a:moodle:moodle:4.0.8
-
cpe:2.3:a:moodle:moodle:4.1.0
-
cpe:2.3:a:moodle:moodle:4.1.1
-
cpe:2.3:a:moodle:moodle:4.1.3
-
cpe:2.3:a:moodle:moodle:4.2.0