Description
Cross-site scripting (XSS) vulnerability in blog/edit.php in Moodle 1.6.x before 1.6.7 and 1.7.x before 1.7.5 allows remote attackers to inject arbitrary web script or HTML via the etitle parameter (blog entry title).
Remediation
References
Related Vulnerabilities
WordPress Plugin Google Map Backdoor (1.4)
SharePoint Improper Authorization Vulnerability (CVE-2026-47298)
WordPress Incorrect Default Permissions Vulnerability (CVE-2011-1762)
WordPress Plugin Coming Soon Page & Maintenance Mode Cross-Site Request Forgery (1.7.8)
WordPress Plugin MW Font Changer Cross-Site Scripting (4.2.5)