Description
Cross-site scripting (XSS) vulnerabilities in Moodle CMS on or before 3.1.2 allow remote attackers to inject arbitrary web script or HTML via the s_additionalhtmlhead, s_additionalhtmltopofbody, and s_additionalhtmlfooter parameters.
Remediation
References
Related Vulnerabilities
Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-20098)
Nginx Other Vulnerability (CVE-2019-9513)
WordPress Plugin Simply Show Hooks Malicious Code (1.2.1)
Lighttpd Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2022-41556)
Apache HTTP Server CVE-2018-1283 Vulnerability (CVE-2018-1283)