CVE-2023-28331 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2023-28331

Content output by the database auto-linking filter required additional sanitizing to prevent an XSS risk.

Published: Mar 23, 2023
Updated: Apr 20, 2024
CVE: CVE-2023-28331
GHSA: GHSA-77jm-f3vj-xvx2
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
moodle / moodle	4.0.0	4.0.0.x
moodle / moodle	3.9.0	3.9.0.x
moodle / moodle	4.1.0	4.1.0.x
moodle / moodle	3.11.0	3.11.0.x
moodle / moodle	4.0.0.x	4.0.7
moodle / moodle	4.1.1	4.1.1.x
moodle / moodle	3.9.0.x	3.9.20
moodle / moodle	3.11.0.x	3.11.13
moodle / moodle	4.1.0	4.1.2
moodle / moodle	4.0.0	4.0.7
moodle / moodle	3.11.0	3.11.13
moodle / moodle	-	3.9.20