Description
Cross-site scripting (XSS) vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete.
Remediation
References
Related Vulnerabilities
WordPress Plugin LearnDash LMS Arbitrary File Upload (2.5.3)
Drupal Core 8.5.x Remote Code Execution (8.5.0 - 8.5.2)
Sqlite Out-of-bounds Read Vulnerability (CVE-2019-9936)
Sqlite NULL Pointer Dereference Vulnerability (CVE-2019-19880)
WordPress Plugin Auto Amazon Links-Amazon Associates Affiliate Unspecified Vulnerability (2.0.3.4)