CVE-2025-26529: 
PHP vulnerability analysis and mitigation

A stored Cross-Site Scripting (XSS) vulnerability was identified in Moodle's site administration live log functionality. The vulnerability, tracked as CVE-2025-26529, was discovered on February 12, 2025, and affects Moodle versions 4.5 to 4.5.1, 4.4 to 4.4.5, 4.3 to 4.3.9, 4.1 to 4.1.15, and earlier unsupported versions. The issue required additional sanitizing of description information displayed in the site administration live log to prevent a stored XSS risk (Moodle Forum).

The vulnerability has been assigned a CVSS v3.1 base score of 8.3 (HIGH) with the vector string CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H. The issue is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation) and involves insufficient sanitization of event description information in the site administration live log (NVD).

This stored XSS vulnerability could potentially allow attackers to execute malicious scripts in the context of other users' browsers when they view the affected live log section in the site administration area. Given the high CVSS score and the potential for compromising confidentiality, integrity, and availability, this vulnerability is considered serious (Moodle Forum).

Fixed versions have been released: Moodle 4.5.2, 4.4.6, 4.3.10, and 4.1.16. Users are advised to upgrade to these patched versions to address the vulnerability. The fix involves implementing proper sanitization for event descriptions in the live log functionality (Moodle Forum).