Moderate severityNVD Advisory· Published Mar 6, 2023· Updated Mar 7, 2025
CVE-2021-36398
CVE-2021-36398
Description
In moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 3.11, < 3.11.1 | 3.11.1 |
Affected products
3- osv-coords2 versions
>= 3.11.0, < 3.11.1+ 1 more
- (no CPE)range: >= 3.11.0, < 3.11.1
- (no CPE)range: >= 3.11, < 3.11.1
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- github.com/advisories/GHSA-786g-xv8v-9h93ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-36398ghsaADVISORY
- moodle.org/mod/forum/discuss.phpghsaWEB
News mentions
0No linked articles in our index yet.