Description
The stored-XSS vulnerability was discovered in Moodle which exists due to insufficient sanitization of user-supplied data in several "social" user profile fields. An attacker could inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Remediation
References
Related Vulnerabilities
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6727)
WordPress Plugin Homepage SlideShow Arbitrary File Upload (2.3)
PostgreSQL Improper Access Control Vulnerability (CVE-2019-10127)
Apache Tomcat Improper Input Validation Vulnerability (CVE-2014-0033)
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0050)