Description
Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before 3.1.2 allow remote attackers to inject arbitrary web script or HTML via the s_additionalhtmlhead, s_additionalhtmltopofbody, and s_additionalhtmlfooter parameters.
Remediation
References
Related Vulnerabilities
Joomla Other Vulnerability (CVE-2006-1047)
WordPress Plugin WooCommerce Cross-Seller Unspecified Vulnerability (1.0.2)
WebLogic Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-11987)
Jboss EAP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2018-10237)
WordPress Plugin MyBB Cross-Poster Cross-Site Scripting (1.0)