ALT Linux Team

Package moodle update in sisyphus on 2020-01-14

ALT-PU-2020-1035-2

Package moodle updated to version 3.8.1-alt1 for branch sisyphus in task 244082.

Closed vulnerabilities

Published: 2022-08-05
Modified: 2024-11-21

CVE-2020-1691

In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.

Severity: MEDIUM (5.4)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References:
Published: 2022-08-06
Modified: 2023-07-14

GHSA-cwhp-rqfr-8462

Moodle XSS Vulnerability

Severity: MEDIUM (5.4)Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
References:
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: 2.1.2
Back to top