Description
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via vectors that trigger an AJAX exception dialog.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Other Vulnerability (CVE-2001-0042)
WordPress Plugin WP-ViperGB Cross-Site Scripting (1.3.15)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5320)
ownCloud Improper Access Control Vulnerability (CVE-2016-9467)
Python Improper Neutralization of CRLF Sequences ('CRLF Injection') Vulnerability (CVE-2019-9947)