CVE-2021-36568: 
PHP vulnerability analysis and mitigation

A stored Cross-Site Scripting (XSS) vulnerability was identified in Moodle versions 3.11, 3.10.4, and 3.9.7. After creating a course, it is possible to add an arbitrary 'Topic' as a resource, specifically a 'Database' with the type 'Text' where its values 'Field name' and 'Field description' are vulnerable to stored XSS attacks (Hacking Force Blog, CVE Mitre).

The vulnerability exists in the database resource functionality of Moodle. When creating a course, the text input fields 'Field name' and 'Field description' in the database resource are not properly sanitized, allowing for the injection of malicious scripts. The exploitation requires user access to the course and interaction with the 'Search' option (Hacking Force Blog).

This vulnerability allows attackers to inject and store malicious scripts that can be executed when other users access the affected course pages. As a stored XSS vulnerability, it could lead to session hijacking, credential theft, or other client-side attacks against Moodle users who view the compromised fields (Hacking Force Blog).

The vulnerability has been addressed in newer versions of Moodle. System administrators should upgrade to the latest version. Fedora has released security updates for affected versions: moodle-3.11.10-1.fc35 and moodle-3.11.10-1.fc36 (Fedora Update 35, Fedora Update 36).