Cross-Site Scripting Vulnerability in MOODLE by MOODLE HQ
CVE-2024-29374
Currently unrated
What is CVE-2024-29374?
A Cross-Site Scripting (XSS) vulnerability has been identified in MOODLE 3.10.9, which can be exploited via the 'GET /?lang=' URL parameter. This flaw allows an attacker to inject malicious scripts into web pages viewed by users, potentially compromising user data and session integrity. It is crucial for administrators to apply the latest patches and implement security measures to mitigate this risk.