Description
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors involving extended characters in a username.
Remediation
References
Related Vulnerabilities
WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2003-1599)
MySQL CVE-2015-2571 Vulnerability (CVE-2015-2571)
WordPress Plugin WP Discourse Unspecified Vulnerability (0.9.7)
Apache HTTP Server Insufficient Verification of Data Authenticity Vulnerability (CVE-2020-11985)
JBoss Application Server Privilege Escalation Vulnerability (CVE-2007-1354)