GHSA-9724-h8p7-r3jv

GitHub Security Advisory

Moodle Cross-site Scripting vulnerability

✓ GitHub Reviewed MODERATE Has CVE

ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.

Packagist moodle/moodle

Affected versions: 0 (fixed in 4.3.0-rc2)

CVE-2023-5546

GHSA ID

GHSA-9724-h8p7-r3jv

Published

November 9, 2023 9:30 PM

Last Modified

November 15, 2023 6:24 PM

CVSS Score

5.0 /10

Primary Ecosystem

Packagist

Primary Package

moodle/moodle

GitHub Reviewed

✓ Yes

Last updated: September 11, 2025 6:35 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.