{"id":"CVE-2019-14884","details":"A vulnerability was found in Moodle 3.7 before 3.73, 3.6 before 3.6.7 and 3.5 before 3.5.9, where a reflected XSS possible from some fatal error messages.","aliases":["GHSA-3xh5-5v5v-mfgm"],"modified":"2026-02-12T00:28:08.709479Z","published":"2020-03-18T13:15:12.137Z","references":[{"type":"ADVISORY","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14884"},{"type":"ADVISORY","url":"https://moodle.org/mod/forum/discuss.php?d=393587#p1586751"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14884"},{"type":"FIX","url":"https://moodle.org/mod/forum/discuss.php?d=393587#p1586751"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/moodle/moodle","events":[{"introduced":"46574904afd39578fa4146bf1fc5c401ac680aa6"},{"fixed":"fa0b5768cc0d47981e6786a587361004d66e625b"},{"introduced":"cb628a9a08933c2a9f1eae2f3be70ea5d343b419"},{"fixed":"27d0c2181bc587b6c742ebdcac0087c816d5d0ff"}]}],"versions":["v3.5.0","v3.5.1","v3.5.2","v3.5.3","v3.5.4","v3.5.5","v3.5.6","v3.5.7","v3.5.8","v3.6.0","v3.6.0-beta","v3.6.0-rc1","v3.6.0-rc2","v3.6.0-rc3","v3.6.1","v3.6.2","v3.6.3","v3.6.4","v3.6.5","v3.6.6"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-14884.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}