漏洞关键信息 Bug ID CVE: CVE-2025-67850 漏洞描述 描述: moodle: Cross-Site Scripting vulnerability via inadequate input filtering in formula editor 详情: An XSS issue in the formula editor stemmed from inadequate filtering of user input in arithmetic expression fields. This could allow malicious script to run in the browsers of users viewing those expressions. 关键词 Keywords: Security 状态 Status: NEW 产品与组件 Product: Security Response Component: vulnerability 版本与环境 Version: unspecified Hardware: All OS: Linux 优先级与严重性 Priority: high Severity: high 时间信息 Reported: 2025-12-19 12:07 UTC by OSIDB Bzimport Modified: 2025-12-19 12:09 UTC 相关信息 Depends On: 2423839, 2423840 TreeView+: depends on / blocked 其他 Assignee: Product Security DevOps Team