VDB
CVE-2025-26528
CVE-2025-26528
PUBLISHED
The drag-and-drop onto image (ddimageortext) question type required additional sanitizing to prevent a stored XSS risk.
EPSS 0.71% · 72.6th percentile
Risk Scores
EPSS Score
0.71%
72.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | moodle | 4.5.0, 4.1.0, 4.3.0 |
| Bitnami | moodle | 4.1.0, 4.3.0, 4.4.0 |
Exploit Intelligence
Timeline
- Feb 17, 2025 CVE Published
- Feb 24, 2025 Coalition ESS Score
- Feb 27, 2025 EPSS Score
- Mar 13, 2025 EPSS Score
- Mar 27, 2025 EPSS Score
- Apr 10, 2025 EPSS Score
- Apr 24, 2025 EPSS Score
- May 8, 2025 EPSS Score
- May 22, 2025 EPSS Score
- Jun 5, 2025 EPSS Score
- Jun 19, 2025 EPSS Score
- Jul 3, 2025 EPSS Score