Description
Cross-site scripting (XSS) vulnerability in Moodle before 1.6.8, 1.7 before 1.7.6, 1.8 before 1.8.7, and 1.9 before 1.9.3 allows remote attackers to inject arbitrary web script or HTML via a Wiki page name (aka page title).
Remediation
References
Related Vulnerabilities
Grafana Improper Preservation of Permissions Vulnerability (CVE-2022-36062)
OpenSSL Out-of-bounds Read Vulnerability (CVE-2026-28386)
WordPress Plugin Image Gallery-Responsive Photo Gallery Cross-Site Scripting (1.5.1)
WordPress 4.4.x Prototype Pollution (4.4 - 4.4.26)
WordPress Plugin Abandoned Cart Recovery for WooCommerce Cross-Site Request Forgery (1.0.4)