CVE-2024-37674
Description
Cross Site Scripting vulnerability in Moodle CMS v3.10 allows a remote attacker to execute arbitrary code via the Field Name (name parameter) of a new activity.
CWE
- CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected
- n/a / n/a — v=n/a [affected]
CVSS
- (none)
References
- http://moodle.com
- https://github.com/MohamedAzizMSALLEMI/Moodle_Security/blob/main/CVE-2024-37674.md
Source
cvelistV5-main/cves/2024/37xxx/CVE-2024-37674.json