Loading HuntDB...

GHSA-mgfp-qcf2-pw3m

GitHub Security Advisory

Moodle stored Cross-site Scripting (XSS)

✓ GitHub Reviewed MODERATE Has CVE

Advisory Details

The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.

Affected Packages

Packagist moodle/moodle
Affected versions: 3.9 (fixed in 3.9.2)

Related CVEs

Key Information

GHSA ID
GHSA-mgfp-qcf2-pw3m
Published
May 24, 2022 5:35 PM
Last Modified
April 23, 2024 11:37 PM
CVSS Score
5.0 /10
Primary Ecosystem
Packagist
Primary Package
moodle/moodle
GitHub Reviewed
✓ Yes

Dataset

Last updated: June 15, 2025 6:24 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.