Description
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Remediation
References
Related Vulnerabilities
Mailman Other Vulnerability (CVE-2001-0290)
Moodle Improper Input Validation Vulnerability (CVE-2012-6101)
Drupal Core 4.7.x Arbitrary Code Execution (4.7.0)
Zope Web Application Server CVE-2011-2528 Vulnerability (CVE-2011-2528)
WordPress Plugin Ultimate Instagram Feed Unspecified Vulnerability (1.3)