CVE-2025-26530: 
PHP vulnerability analysis and mitigation

A reflected Cross-Site Scripting (XSS) vulnerability was identified in Moodle's question bank filter, tracked as CVE-2025-26530. The vulnerability was discovered on February 24, 2025, affecting Moodle versions 4.5 to 4.5.1, 4.4 to 4.4.5, and 4.3 to 4.3.9. The issue was reported by a security researcher known as Hect0r (Moodle Forum).

The vulnerability stems from insufficient sanitization in the question bank filter, which could lead to reflected XSS attacks. The severity of this vulnerability has been assessed with a CVSS v3.1 base score of 8.3 (HIGH), with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H. The vulnerability is classified as CWE-79: Improper Neutralization of Input During Web Page Generation (NVD).

The vulnerability could allow attackers to execute malicious scripts in users' browsers through reflected XSS attacks, potentially leading to theft of sensitive information, session hijacking, or other malicious actions in the context of the affected Moodle installation (Moodle Forum).

The vulnerability has been fixed in Moodle versions 4.5.2, 4.4.6, and 4.3.10. Users are advised to upgrade to these patched versions to protect against potential attacks (Moodle Forum).