CVE-2022-45150

CVE-2022-45150

Vendor N/A
Product Moodle
Weakness CWE-79 · XSS
Published November 23, 2022
Last update April 25, 2025
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

A reflected cross-site scripting vulnerability was discovered in Moodle. This flaw exists due to insufficient sanitization of user-supplied data in policy tool. An attacker can trick the victim to open a specially crafted link that executes an arbitrary HTML and script code in user's browser in context of vulnerable website. This vulnerability may allow an attacker to perform cross-site scripting (XSS) attacks to gain access potentially sensitive information and modification of web pages.

Key dates

02Disclosure timeline

November 23, 2022 CVE published
April 25, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-20487 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabiliy CVE-2025-25134 WordPress Theme Demo Bar Plugin <= 1.6.3 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2021-24346 Stock in & out <= 1.0.4 - Reflected Cross-Site Scripting (XSS) CVE-2022-47603 WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS) CVE-2025-58784 WordPress ARI Fancy Lightbox Plugin <= 1.4.0 - Cross Site Scripting (XSS) Vulnerability