BIT-moodle-2023-28332

See a problem?

Import Source

https://github.com/bitnami/vulndb/tree/main/data/moodle/BIT-moodle-2023-28332.json

JSON Data

https://api.osv.dev/v1/vulns/BIT-moodle-2023-28332

Aliases

Published

2024-03-06T11:00:21.482Z

Modified

2025-05-20T10:02:07.006Z

Summary

Moodle: algebra filter xss when filter is misconfigured

Details

If the algebra filter was enabled but not functional (eg the necessary binaries were missing from the server), it presented an XSS risk.

Database specific

{
    "cpes": [
        "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.11.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:3.9.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:4.0.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:4.1.0:-:*:*:*:*:*:*",
        "cpe:2.3:a:moodle:moodle:4.1.1:*:*:*:*:*:*:*"
    ],
    "severity": "Medium"
}

References

Affected packages

Bitnami / moodle

Package

Name: moodle
Purl: pkg:bitnami/moodle

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Affected ranges

Type: SEMVER
Events: Introduced

3.9.0

Fixed

3.9.20

Introduced

3.11.0

Fixed

3.11.13

Introduced

4.0.0

Fixed

4.0.7

Introduced

4.1.0

Fixed

4.1.2