Description
Multiple cross-site scripting (XSS) vulnerabilities in lib/conditionlib.php in Moodle 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allow remote attackers to inject arbitrary web script or HTML via the conditional access rule value of a user field.
Remediation
References
Related Vulnerabilities
WordPress Plugin LearnPress-WordPress LMS Security Bypass (4.1.4.1)
WordPress Plugin Gallery-Video Gallery and Youtube Gallery Cross-Site Scripting (1.7.01)
ownCloud Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-9044)
Moodle Other Vulnerability (CVE-2006-4786)
PostgreSQL Improper Certificate Validation Vulnerability (CVE-2021-43767)