CVE-2024-33998

CVE-2024-33998: moodle: stored XSS via user's name on participants page when opening some options

Weakness CWE-79 · XSS
Published May 31, 2024
Last update March 28, 2025

CVSS base score

What the vulnerability does

01Description

Insufficient escaping of participants' names in the participants page table resulted in a stored XSS risk when interacting with some features.

Key dates

02Disclosure timeline

May 31, 2024 CVE published
March 28, 2025 Record updated