The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.
{ "severity": "Medium", "cpes": [ "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*" ] }