Description
Multiple cross-site scripting (XSS) vulnerabilities in badges/renderer.php in Moodle 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via an external badge.
Remediation
References
Related Vulnerabilities
WordPress Plugin File Manager Cross-Site Scripting (7.0)
WordPress Plugin NextGEN Gallery-WordPress Gallery Arbitrary File Upload (1.9.12)
WordPress Plugin DSGVO All in one for WP Cross-Site Scripting (4.1)
Oracle HTTP Server CVE-2022-21375 Vulnerability (CVE-2022-21375)
WordPress Plugin Weather Effect-Christmas Santa Snow Falling Cross-Site Request Forgery (1.3.3)