Description

Cross-site scripting (XSS) vulnerability in mod/quiz/report/responses/responses_table.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to inject arbitrary web script or HTML via an answer to a text-based quiz question.

Remediation

References

CVE-2013-4525

Related Vulnerabilities

Drupal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-11831)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Security Bypass (1.3.52)

Prototype CVE-2008-7220 Vulnerability (CVE-2008-7220)

Moodle Improper Input Validation Vulnerability (CVE-2006-4935)

WordPress Plugin Visitors Online by BestWebSoft Cross-Site Scripting (0.9)

Severity

Low

Classification

CVE-2013-4525 CWE-707

Tags

Missing Update Known Vulnerabilities