Description
In Moodle 3.8, messages required extra sanitizing before updating the conversation overview, to prevent the risk of stored cross-site scripting.
Remediation
References
Related Vulnerabilities
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-3278)
WebLogic CVE-2020-14645 Vulnerability (CVE-2020-14645)
WordPress Plugin Drug Search Cross-Site Scripting (1.0.0)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-5489)
PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-1581)