CVE-2023-5544
published 2023-11-09CVE-2023-5544: Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
Wiki comments required additional sanitizing and access restrictions to prevent a stored XSS risk and potential IDOR risk.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| moodle | moodle | >= 0 < 4.3.0-rc2 | 4.3.0-rc2 |
| moodle | moodle | >= 3.11.0 < 3.11.17 | 3.11.17 |
| moodle | moodle | >= 3.9.0 < 3.9.24 | 3.9.24 |
| moodle | moodle | >= 4.0.0 < 4.0.11 | 4.0.11 |
| moodle | moodle | >= 4.1.0 < 4.1.6 | 4.1.6 |
| moodle | moodle | >= 4.2.0 < 4.2.3 | 4.2.3 |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
osv5.4MEDIUM