CVE-2021-20183: Cross-site Scripting

January 28, 2021 (updated February 1, 2021)

It was found in Moodle that some search inputs were vulnerable to reflected XSS due to insufficient escaping of search queries.

References

moodle.org/mod/forum/discuss.php?d=417166
nvd.nist.gov/vuln/detail/CVE-2021-20183

Code Behaviors & Features

Detect and mitigate CVE-2021-20183 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →