Description
Cross-site scripting (XSS) vulnerability in admin/webservice/forms.php in the web services implementation in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the name field (aka the service name) to admin/webservice/service.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin UpdraftPlus WordPress Backup Cross-Site Request Forgery (1.23.3)
PHP Cryptographic Issues Vulnerability (CVE-2011-3189)
MySQL CVE-2020-14868 Vulnerability (CVE-2020-14868)
Python CVE-2013-1753 Vulnerability (CVE-2013-1753)
MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-30152)