CVE-2021-36398, GHSA-786g-xv8v-9h93
packagist/moodle/moodle
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.
Version 3.11.0
Upgrade to version 3.11.1 or above.
2023-03-08
source |