Description

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums.

Remediation

References

CVE-2017-2576

Related Vulnerabilities

Oracle Database Server CVE-2014-4291 Vulnerability (CVE-2014-4291)

OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2023-0286)

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-37247)

Dolibarr Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-9840)

Apache Tomcat Improper Locking Vulnerability (CVE-2019-10072)

Severity

Medium

Classification

CVE-2017-2576 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities