Description

Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.

Remediation

References

CVE-2013-4341

Related Vulnerabilities

WordPress Plugin WPtouch 'wptouch_settings' Parameter Cross-Site Scripting (1.9.20)

WordPress Plugin Watu Quiz Cross-Site Scripting (2.4.9)

MySQL CVE-2020-2774 Vulnerability (CVE-2020-2774)

WordPress Plugin MoolaMojo Cross-Site Scripting (0.7.4.1)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-20414)

Severity

Medium

Classification

CVE-2013-4341 CWE-707

Tags

Missing Update Known Vulnerabilities