Description
Cross-site scripting (XSS) vulnerability in the print_object function in lib/datalib.php in Moodle 2.0.x before 2.0.6 and 2.1.x before 2.1.3, when a developer debugging script is enabled, allows remote attackers to inject arbitrary web script or HTML via vectors involving object states.
Remediation
References
Related Vulnerabilities
MySQL CVE-2016-3471 Vulnerability (CVE-2016-3471)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9852)
WordPress Plugin External 'Video for Everybody' Cross-Site Scripting (2.0)
WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.1.5.1)