Description

Cross-site scripting (XSS) vulnerability in course/editsection.html in Moodle 1.9.x before 1.9.14 allows remote authenticated users to inject arbitrary web script or HTML via crafted data.

Remediation

References

CVE-2011-4306

Related Vulnerabilities

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5004)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.35)

WordPress Plugin eShop Multiple Cross-Site Scripting Vulnerabilities (6.2.8)

Apache Tomcat version older than 7.0.32

Undertow Unchecked Return Value Vulnerability (CVE-2022-1319)

Severity

Medium

Classification

CVE-2011-4306 CWE-707

Tags

Missing Update Known Vulnerabilities