Description

Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an answer to a text-based quiz question.

Remediation

References

CVE-2013-4525

Related Vulnerabilities

WordPress Plugin Awesome Support-WordPress HelpDesk & Support Multiple Vulnerabilities (4.3.1)

Internet Information Services Other Vulnerability (CVE-2001-0544)

PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-0244)

WordPress Plugin Thank You Counter Button Multiple Cross-Site Scripting Vulnerabilities (1.8.7)

WordPress Plugin Shopping Cart & eCommerce Store Arbitrary File Upload (3.0.8)

Severity

Low

Classification

CVE-2013-4525 CWE-707

Tags

Missing Update Known Vulnerabilities