Starlabs_Sg

**Name of the Vulnerable Software and Affected Versions** Moodle versions 3.11 to 3.11.3 Moodle versions 3.10 to 3.10.7 Moodle versions 3.9 to 3.9.10 Moodle earlier unsupported versions **Description** A flaw was found in the filetype site administrator tool, where a URL parameter required extra sanitizing to prevent a reflected XSS risk. This issue is related to the lack of protection measures for the web page structure, which could allow a remote attacker to perform cross-site scripting attacks. **Recommendations** For Moodle versions 3.11 to 3.11.3, update to a version that includes the necessary sanitizing for the URL parameter in the filetype site administrator tool. For Moodle versions 3.10 to 3.10.7, update to a version that includes the necessary sanitizing for the URL parameter in the filetype site administrator tool. For Moodle versions 3.9 to 3.9.10, update to a version that includes the necessary sanitizing for the URL parameter in the filetype site administrator tool. For Moodle earlier unsupported versions, consider upgrading to a supported version that includes the necessary security fixes.