Description
In Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.
Remediation
References
Related Vulnerabilities
EspoCRM Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7986)
WordPress Plugin Grid Gallery-Photo Image Grid Gallery Cross-Site Scripting (1.2.4)
Oracle Database Server CVE-2014-4236 Vulnerability (CVE-2014-4236)
SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-17303)