Description
The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).
Remediation
References
Related Vulnerabilities
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0195)
WordPress Plugin Metronet Tag Manager Cross-Site Request Forgery (1.2.7)
Moodle Other Vulnerability (CVE-2006-4943)
WordPress Plugin Ultimate FAQ Cross-Site Scripting (1.8.29)
Jenkins Improper Input Validation Vulnerability (CVE-2015-1808)