Description
Multiple cross-site scripting (XSS) vulnerabilities in badges/renderer.php in Moodle 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via an external badge.
Remediation
References
Related Vulnerabilities
Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-0753)
WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more PHAR Deserialization (2.9.8.5)
WordPress Plugin Meks Flexible Shortcodes Cross-Site Scripting (1.3.4)
OpenSSL Possible denial of service attack Vulnerability (CVE-2020-1971)