Description

Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.

Remediation

References

CVE-2013-4341

Related Vulnerabilities

WordPress Plugin Sender by BestWebSoft Cross-Site Scripting (1.2.0)

Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27900)

WordPress Plugin Realty by BestWebSoft Cross-Site Scripting (1.0.9)

IBMHttpServer Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-1360)

WordPress Plugin WP e-Commerce-Store Exporter Privilege Escalation (1.6.6)

Severity

Medium

Classification

CVE-2013-4341 CWE-707

Tags

Missing Update Known Vulnerabilities