Description
In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, insufficient input escaping was applied to the PHP unit webrunner admin tool.
Remediation
References
Related Vulnerabilities
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.21)
WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.15)
WordPress Plugin FancyBox for WordPress Cross-Site Scripting (3.0.2)
WordPress Plugin Search Everything SQL Injection (8.1.5)
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-36125)