CVE-2024-34000

CVE-2024-34000: moodle: stored XSS in lesson overview report via user ID number

Weakness CWE-79 · XSS
Published May 31, 2024
Last update November 14, 2024

CVSS base score

What the vulnerability does

01Description

ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk.

Key dates

02Disclosure timeline

May 31, 2024 CVE published
November 14, 2024 Record updated