BIT-moodle-2021-43558

Import Source

https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2021-43558.json

Aliases

CVE-2021-43558
GHSA-wpfp-q843-v772

Published

2024-03-06T11:06:48.379Z

Modified

2024-03-06T11:25:28.861Z

Details

A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. A URL parameter in the filetype site administrator tool required extra sanitizing to prevent a reflected XSS risk.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2021515
https://moodle.org/mod/forum/discuss.php?d=429097

Affected packages

Bitnami / moodle

Package

Name: moodle

Affected ranges

Type: SEMVER
Events: Introduced

0The exact introduced commit is unknown

Fixed

3.8.8

Introduced

3.9.0

Fixed

3.9.11

Introduced

3.10.0

Fixed

3.10.8

Introduced

3.11.0

Fixed

3.11.4