Description
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. When a quiz question bank is imported, it was possible for the question preview that is displayed to execute JavaScript that is written into the question bank.
Remediation
References
Related Vulnerabilities
WordPress Plugin Job Manager Cross-Site Scripting (0.7.25)
Dolibarr Incorrect Authorization Vulnerability (CVE-2022-0731)
WordPress Plugin Premium Addons for Elementor Cross-Site Scripting (3.7.2)
LimeSurvey CVE-2019-16181 Vulnerability (CVE-2019-16181)
WordPress Plugin Events by Devllo Cross-Site Scripting (1.0.4.2)