Description
A Cross-Site Scripting (XSS) vulnerability exists in the way MOODLE 3.10.9 handles user input within the "GET /?lang=" URL parameter.
Remediation
References
Related Vulnerabilities
Jboss EAP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2017-7503)
MySQL CVE-2020-2588 Vulnerability (CVE-2020-2588)
MyBB CVE-2020-22612 Vulnerability (CVE-2020-22612)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1830)
Jboss EAP Uncontrolled Resource Consumption Vulnerability (CVE-2021-3690)