Description
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows remote attackers to inject arbitrary web script or HTML via a crafted string in a URL.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Database Backup Cross-Site Scripting (5.1.1)
Squid Resource Management Errors Vulnerability (CVE-2011-4096)
Python CVE-2019-16056 Vulnerability (CVE-2019-16056)
WordPress Plugin Universal Star Rating Unspecified Vulnerability (1.10.3)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3065)