Kstpt

**Name of the Vulnerable Software and Affected Versions** Moodle versions prior to 3.10.1 Moodle versions prior to 4.0.0-beta **Description** The issue is related to insufficient escaping of search queries in certain search inputs, which can lead to reflected Cross-site Scripting (XSS) attacks. This allows a remote attacker to conduct inter-site scripting attacks. **Recommendations** For versions prior to 3.10.1, update to version 3.10.1 or later to resolve the issue. For versions prior to 4.0.0-beta, update to version 4.0.0-beta or later to resolve the issue. As a temporary workaround, consider restricting access to search inputs until a patch is available.