CVE-2021-36398

State: PUBLISHED · Published: 2023-03-06 · Updated: 2025-03-07 · Assigner: fedora

Description

In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.

CWE

CWE-79 — CWE-79
CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected

CVSS

References

Source

cvelistV5-main/cves/2021/36xxx/CVE-2021-36398.json