Moodle · Moodle · CVE-2022-45151
**Name of the Vulnerable Software and Affected Versions**
Moodle (affected versions not specified)
**Description**
The issue is related to insufficient sanitization of user-supplied data in several "social" user profile fields, which can allow a remote attacker to inject and execute arbitrary HTML and script code in a user's browser in the context of the vulnerable website. This can be exploited by forcing the victim to follow a specially crafted link, leading to the execution of arbitrary code in the user's browser.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.