CVE-2019-14827
CVE-2019-14827 concerns Moodle where JavaScript injection is possible in some Mustache templates due to recursive rendering from contexts. The root cause is that Mustache helper tags in template contexts were not escaped before being injected into another Mustache helper, enabling potential scrip...