Description
Multiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 allow remote attackers to inject arbitrary web script or HTML via vectors that trigger an AJAX exception dialog.
Remediation
References
Related Vulnerabilities
WordPress Plugin CYSTEME Finder, the admin files explorer Unspecified Vulnerability (1.7)
MyBB Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-5131)
WordPress Plugin Border Loading Bar Cross-Site Scripting (1.0.1)
Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-7989)