Description
Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the etitle parameter (blog entry title).
Remediation
References
Related Vulnerabilities
WordPress 5.0.x Multiple Vulnerabilities (5.0 - 5.0.4)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-4303)
WordPress Plugin WP Page Builder Cross-Site Scripting (1.2.6)
WordPress Plugin Software License Manager Cross-Site Scripting (4.4.9)
WordPress Plugin Easy Custom Sidebars Unspecified Vulnerability (1.0.1)