Description
Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2007-0271 Vulnerability (CVE-2007-0271)
Drupal Core 4.7.x Cross-Site Scripting (4.7.0 - 4.7.1)
Jboss EAP Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-0853)
Nginx Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-16845)