Description
Multiple cross-site scripting (XSS) vulnerabilities in the course-tags functionality in tag/coursetags_more.php in Moodle 2.0.x before 2.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) sort or (2) show parameter.
Remediation
References
Related Vulnerabilities
Serendipity Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-8101)
WordPress Plugin AdminPad Cross-Site Request Forgery (2.1)
MongoDb Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2021-32036)
Sqlite CVE-2023-36191 Vulnerability (CVE-2023-36191)
WordPress Plugin WordPress Social Login Cross-Site Scripting (2.0.3)