What the vulnerability does
01Description
It was found in Moodle before version 3.10.1 that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.
CVSS base score
—
Key dates
02Disclosure timeline
January 28, 2021
CVE published
August 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-1459 Page Builder by SiteOrigin <= 2.31.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2026-50591
CVE-2024-56299 WordPress Notify Odoo plugin <= 1.0.0 - CSRF to Stored XSS vulnerability
CVE-2023-30874 WordPress GPS Plotter Plugin <= 5.1.4 is vulnerable to Cross Site Scripting (XSS)
CVE-2024-20779 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
