vulnerability

Moodle: Unspecified Security Vulnerability (CVE-2021-20280)

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	Mar 15, 2021	Mar 30, 2021	Nov 26, 2024

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Mar 15, 2021

Added

Mar 30, 2021

Modified

Nov 26, 2024

Description

Text-based feedback answers required additional sanitizing to prevent stored XSS and blind SSRF risks in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17.

moodle-upgrade-3_10_2moodle-upgrade-3_5_17moodle-upgrade-3_8_8moodle-upgrade-3_9_5

NEW

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.