Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-29374

A Cross-Site Scripting (XSS) vulnerability exists in the way MOODLE 3.10.9 handles user input within the "GET /?lang=" URL parameter.

CVSS v3:

  • Severity: Unknown
  • Score:
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
moodle / moodle - 3.10.9.x
moodle / moodle 3.10.9 3.10.9.x