Description In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums. Remediation References CVE-2017-2576 Related Vulnerabilities Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-14631) MySQL CVE-2021-35597 Vulnerability (CVE-2021-35597) jQuery Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358) Joomla! Core 3.x.x Denial of Service (3.0.0 - 3.2.5) Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-2578) Severity Medium Classification CVE-2017-2576 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Tags Missing Update Known Vulnerabilities