Description
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in blog search. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website. This flaw allows a remote attacker to perform cross-site scripting (XSS) attacks.
Remediation
References
Related Vulnerabilities
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401)
WordPress Plugin GD Star Rating 'tpl_section' Parameter Cross-Site Scripting (1.9.16)
WordPress 4.5.x Multiple Vulnerabilities (4.5 - 4.5.13)
Oracle HTTP Server CVE-2021-35666 Vulnerability (CVE-2021-35666)