Description
Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7, and 1.9 before 1.9.3 allows remote attackers to inject arbitrary web script or HTML via a Wiki page name (aka page title).
Remediation
References
Related Vulnerabilities
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2007-2748)
WordPress Plugin GB Team Stats Cross-Site Scripting (1.5.1)
Internet Information Services CVE-2006-6578 Vulnerability (CVE-2006-6578)
MediaWiki Improper Handling of Exceptional Conditions Vulnerability (CVE-2020-25869)