CVE-2020-1691

CVE-2020-1691

Vendor N/A

Product Moodle

Weakness CWE-79 · XSS

Published August 5, 2022

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.

Key dates

02Disclosure timeline

August 5, 2022 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-1691 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-4574 Graphina – Elementor Charts and Graphs <= 1.8.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets CVE-2025-66459 Lookyloo vulnerable to XSS due to unescaped error message passed to innerHTML CVE-2022-3070 Generate PDF using Contact Form 7 < 3.6 - Admin+ Stored Cross-Site Scripting CVE-2022-0558 Cross-site Scripting (XSS) - Stored in microweber/microweber CVE-2025-23663 WordPress Contexto plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability