Moodle · Moodle · CVE-2024-43437
**Name of the Vulnerable Software and Affected Versions**
moodle (affected versions not specified)
**Description**
A flaw was found in moodle due to insufficient sanitizing of data when performing a restore, which could result in a cross-site scripting (XSS) risk from malicious backup files. This issue exists because of inadequate protection of the web page structure, allowing a remote attacker to conduct an XSS attack.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.