CNNVD-202601-3324 Information

CNNVD ID

CNNVD-202601-3324

Related CVE

CVE-2021-47857

• CNNVD Published: 2026-01-21

Description (Chinese)

Moodle是Moodle开源的一套免费的电子学习软件平台，也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle 3.10.3版本存在跨站脚本漏洞，该漏洞源于日历事件副标题字段存在持久型跨站脚本，可能导致执行任意代码。

Description (English)

Moodle is an open-source, free-of-charge e-learning platform known as the curriculum management system, the learning management system or the virtual learning environment. Moodle 3.10.3 has a cross-site script loophole, which stems from the persistent cross-site script in the calendar event subheading field, which may result in the implementation of any code.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

Moodle

Published

2026-01-21

Last Modified

2026-02-24

References

https://moodle.org/ https://www.exploit-db.com/exploits/49714 https://www.vulncheck.com/advisories/moodle-label-persistent-cross-site-scripting https://access.redhat.com/security/cve/cve-2021-47857