CVE-2023-5546
published 2023-11-09CVE-2023-5546: ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
ID numbers displayed in the quiz grading report required additional sanitizing to prevent a stored XSS risk.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| moodle | moodle | >= 0 < 4.3.0-rc2 | 4.3.0-rc2 |
| moodle | moodle | >= 4.0.0 < 4.0.11 | 4.0.11 |
| moodle | moodle | >= 4.1.0 < 4.1.6 | 4.1.6 |
| moodle | moodle | >= 4.2.0 < 4.2.3 | 4.2.3 |
| redhat | enterprise_linux | — | — |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
osv5.4MEDIUM