Description

Cross-site scripting (XSS) vulnerability in Moodle 2.0.x before 2.0.9, 2.1.x before 2.1.6, and 2.2.x before 2.2.3 allows remote authenticated users to inject arbitrary web script or HTML via the idnumber field to cohort/edit.php.

Remediation

References

CVE-2012-2365

Related Vulnerabilities

WordPress Plugin is_human() 'type' Parameter Remote Command Injection (1.4.2)

MySQL CVE-2020-2925 Vulnerability (CVE-2020-2925)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Multiple Vulnerabilities (2.9.42)

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2016-7065)

WordPress Plugin Sports Rankings and Lists Cross-Site Scripting (3.5)

Severity

Low

Classification

CVE-2012-2365 CWE-707

Tags

Missing Update Known Vulnerabilities