Vulnerabilities > CVE-2020-25627 - Unspecified vulnerability in Moodle 3.9.0/3.9.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 |