Description
Cross-site scripting (XSS) vulnerability in uploader.swf in the Uploader component in Yahoo! YUI 3.2.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows remote attackers to inject arbitrary web script or HTML via a crafted string in a URL.
Remediation
References
Related Vulnerabilities
Joomla CVE-2022-27911 Vulnerability (CVE-2022-27911)
TYPO3 Other Vulnerability (CVE-2006-0327)
Drupal CVE-2014-1475 Vulnerability (CVE-2014-1475)
WordPress Plugin QueryWall:Plug'n Play Firewall Cross-Site Scripting (1.1.0)
PostgreSQL Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2018-1115)