CVE-2024-34000

ID numbers displayed in the lesson overview report required additional sanitizing to prevent a stored XSS risk.

CVSS

No CVSS.

References

Link	Resource
https://moodle.org/mod/forum/discuss.php?d=458388

Configurations

No configuration.

History

03 Jun 2024, 14:46

Type	Values Removed	Values Added
Summary		(es) Los números de identificación que se muestran en el informe de descripción general de la lección requirieron una sanitización adicional para evitar un riesgo de XSS almacenado.

31 May 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-31 20:15

Updated : 2024-06-03 14:46

NVD link : CVE-2024-34000

Mitre link : CVE-2024-34000

CVE.ORG link : CVE-2024-34000

JSON object : View

Products Affected

No product.

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')