Description
Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the etitle parameter (blog entry title).
Remediation
References
Related Vulnerabilities
Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2014-0118)
WordPress Plugin Edit Comments XT Cross-Site Scripting (1.0)
WordPress Plugin Google +1 by BestWebSoft Cross-Site Scripting (1.3.3)
WordPress 2.0.4 Multiple Security Vulnerabilities (2.0.4)
SharePoint Download of Code Without Integrity Check Vulnerability (CVE-2020-1595)