CVE-2017-2645by Jeremyin Security Bulletinson Posted on March 28, 2017 In Moodle 3.x, XSS can occur via attachments to evidence of prior learning.