CVE-2024-29374
Description
A Cross-Site Scripting (XSS) vulnerability exists in the way MOODLE 3.10.9 handles user input within the "GET /?lang=" URL parameter.
CWE
- CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected
- n/a / n/a — v=n/a [affected]
CVSS
- (none)
References
Source
cvelistV5-main/cves/2024/29xxx/CVE-2024-29374.json