CVE-2020-25627

Name of the Vulnerable Software and Affected Versions Moodle versions 3.9 through 3.9.1

Description The issue concerns a stored XSS risk due to insufficient sanitizing in the moodlenetprofile user profile field. This poses a risk as it can lead to the execution of malicious scripts stored in the user's profile. The estimated number of potentially affected devices worldwide is not specified. Details about real-world incidents where this issue was exploited are not provided.

Recommendations For versions 3.9 through 3.9.1, update to version 3.9.2 to resolve the issue. At the moment, there is no other information about additional mitigation measures for this vulnerability.