Description

Cross-site scripting (XSS) vulnerability in course/editsection.html in Moodle 1.9.x before 1.9.14 allows remote authenticated users to inject arbitrary web script or HTML via crafted data.

Remediation

References

CVE-2011-4306

Related Vulnerabilities

WordPress Plugin Shield Security-Smart Bot Blocking & Intrusion Prevention Security Cross-Site Scripting (8.2.2)

MediaWiki CVE-2022-28204 Vulnerability (CVE-2022-28204)

WordPress Plugin Chamber Dashboard Business Directory Cross-Site Scripting (3.2.8)

Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1432)

WordPress Plugin WooCommerce Cross-Seller Unspecified Vulnerability (1.0.2)

Severity

Medium

Classification

CVE-2011-4306 CWE-707

Tags

Missing Update Known Vulnerabilities