CVE-2024-28593

Description

Cross-site Scripting in Moodle Chat

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-28593
• https://docs.moodle.org/403/en/Using_Chat
• https://gist.githubusercontent.com/minendie/4f23174687bc4d8eb7f727d9959b5399/raw/9ce573cebcce5521d9d6f826ab68f3780036b874/CVE-2024-28593.txt
• https://github.com/moodle/moodle
• https://medium.com/%40lamscun/how-do-i-change-htmli-from-low-to-critical-your-email-box-is-safe-e7171efd88fe