CVE-2022-30596

Name of the Vulnerable Software and Affected Versions Moodle (affected versions not specified)

Description A flaw was found in Moodle where ID numbers displayed when bulk allocating markers to assignments required additional sanitizing to prevent a stored XSS risk. The vulnerability is related to insufficient data sanitizing in the bulk marker allocation form, which can allow a remote attacker to conduct cross-site scripting attacks using a specially crafted script. This can enable the attacker to inject and execute arbitrary HTML and script code in a user's browser within the context of the vulnerable website.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.