Description In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums. Remediation References CVE-2017-2576 Related Vulnerabilities WordPress Plugin Form Store to DB Unspecified Vulnerability (1.1.0) Oracle JRE CVE-2018-2639 Vulnerability (CVE-2018-2639) WordPress Plugin FormLift for Infusionsoft Web Forms SQL Injection (7.5.17) WordPress Plugin Question Answer Multiple Cross-Site Scripting Vulnerabilities (1.2.30) MyBB Cryptographic Issues Vulnerability (CVE-2008-4929) Severity Medium Classification CVE-2017-2576 CWE-20 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Tags Missing Update Known Vulnerabilities