GHSA-mgfp-qcf2-pw3m
GitHub Security Advisory
Moodle stored Cross-site Scripting (XSS)
✓ GitHub Reviewed
MODERATE
Has CVE
Advisory Details
The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.
Affected Packages
Packagist
moodle/moodle
Affected versions:
3.9
(fixed in 3.9.2)
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: June 15, 2025 6:24 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.