Moodle Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-46858
DISPUTED Moodle 4.3 allows /grade/report/grader/index.phpsearchvalue reflected XSS when logged in as a teacher. NOTE: the Moodle Security FAQ link states quotSome forms of rich content are used by teachers to enhance their courses ... admins and teachers can post XSS-capable content but students can not.quot