Description
Cross-site scripting (XSS) vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted course summary.
Remediation
References
Related Vulnerabilities
WordPress Plugin WebLibrarian Multiple Unspecified Vulnerabilities (2.6.3.1)
Oracle Database Server CVE-2007-5512 Vulnerability (CVE-2007-5512)
WordPress Plugin RSVP and Event Management Cross-Site Scripting (2.3.7)
WordPress Plugin Contact Form 7 Integrations Multiple Cross-Site Scripting Vulnerabilities (1.3.10)