Description
Cross-site scripting (XSS) vulnerability in mod/forum/discuss.php in Moodle 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the navtail parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Remediation
References
Related Vulnerabilities
Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736)
WordPress Plugin Form Lightbox Security Bypass (2.1)
Envoy Proxy Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-15225)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3126)