CVE-2020-25627 – The moodlenetprofile user profile field required extra sanitizing to prev

The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk. This affects versions 3.9 to 3.9.1. Fixed in 3.9.2.

 

Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25627

Reference (s):

• https://moodle.org/mod/forum/discuss.php?d=410839
• URL: https://moodle.org/mod/forum/discuss.php?d=410839