CVE 2021-36402

In Moodle, Users' names required additional sanitizing in the account confirmation email, to prevent a self-registration phishing risk.

See the CVE page on Mitre.org for more details.