Description
Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7, and 1.9 before 1.9.3 allows remote attackers to inject arbitrary web script or HTML via a Wiki page name (aka page title).
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Shop Multiple SQL Injection Vulnerabilities (3.4.3.15)
WordPress Plugin NewsPlugin Cross-Site Request Forgery (1.0.18)
OpenSSL Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-0735)
MySQL CVE-2019-3009 Vulnerability (CVE-2019-3009)
WordPress Plugin Convert Docx2post Arbitrary File Upload (1.4)