Description A flaw was found in moodle. External API access to Quiz can override contained insufficient access control. Remediation References CVE-2024-43430 Related Vulnerabilities e107 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-4083) WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.10) WordPress Plugin NextGEN Gallery-WordPress Gallery Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities (1.8.3) Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503) Oracle Application Server Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2004-1371) Severity Medium Classification CVE-2024-43430 CWE-276 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Tags Missing Update Known Vulnerabilities