Description
Cross-site scripting (XSS) vulnerability in mod/quiz/report/statistics/statistics_question_table.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the student role for a crafted quiz response.
Remediation
References
Related Vulnerabilities
OpenSSL Numeric Errors Vulnerability (CVE-2016-2106)
WordPress Plugin Classified Listing Pro & Directory Cross-Site Scripting (2.0.19)
MySQL CVE-2020-2588 Vulnerability (CVE-2020-2588)
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.4.6)
WordPress Plugin PHPFreeChat 'url' Parameter Cross-Site Scripting (0.2.8)