Description
Multiple cross-site scripting (XSS) vulnerabilities in mod/lti/typessettings.php in Moodle 2.2.x before 2.2.4 and 2.3.x before 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) lti_typename or (2) lti_toolurl parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin S3 Video Cross-Site Scripting (0.97)
OpenSSL Improper Certificate Validation Vulnerability (CVE-2023-0466)
WordPress Plugin Nextend Facebook Connect Cross-Site Scripting (1.5.0)
MySQL CVE-2022-21637 Vulnerability (CVE-2022-21637)
Django Improper Authentication Vulnerability (CVE-2021-44420)