Description
In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.
Remediation
References
Related Vulnerabilities
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-33338)
Apache Tomcat Improper Input Validation Vulnerability (CVE-2011-2526)
MySQL CVE-2018-2839 Vulnerability (CVE-2018-2839)
Joomla Improper Privilege Management Vulnerability (CVE-2018-11323)
WordPress Plugin WooCommerce Save For Later Cart Enhancement PHP Object Injection (1.0.6)