CVE-2024-37674 | Moodle 3.10 New Activity Field Name cross site scripting

Posted by Angelo Barbosa | Jun 20, 2024 | CVE

A vulnerability was found in Moodle 3.10. It has been rated as problematic. Affected by this issue is some unknown functionality of the component New Activity Handler. The manipulation of the argument Field Name leads to cross site scripting.

This vulnerability is handled as CVE-2024-37674. The attack may be launched remotely. There is no exploit available.

CVE-2024-37674 | Moodle 3.10 New Activity Field Name cross site scripting

Related Posts

CVE-2024-2665 | Premium Addons for Elementor Plugin up to 4.10.27 on WordPress Button cross site scripting

CVE-2024-25030 | IBM DB2/DB2 Connect 11.1 log file (XFDB-281677)

CVE-2024-7314 | anji-plus AJ-Report up to 1.4.0 HTTP Request /swagger-ui insufficient permissions or privileges

CVE-2023-6323 | ThroughTek Kalay SDK prior 4.3.4.2 Message data authenticity