In Virtual Programming Lab for Moodle versions up to v4.2.3 a medium severity vulnerability CVE-2024-34312 was detected. This issue allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized access or manipulation of user data. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-34312.
Moodle: XSS Vulnerability Allows Malicious Script Injection and User Data Manipulation
by the Hossted team
25.07.2024
25.07.2024