Moodle cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the quizquestiontostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question...

Cross-site Scripting (XSS)

Moodle is vulnerable to cross-site scripting XSS attacks. The library does not properly filter user input to the quizquestiontostring function in mod/quiz/editlib.php, allowing a malicious user to inject and execute arbitrary HTML script...

CVE-2014-2571

Cross-site scripting XSS vulnerability in the quizquestiontostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question...

Cross site scripting

Cross-site scripting XSS vulnerability in the quizquestiontostring function in mod/quiz/editlib.php in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote authenticated users to inject arbitrary web script or HTML via a quiz question...

CVE-2014-2571

Moodle is affected by CVE-2014-2571 due to an XSS in quiz_question_tostring in mod/quiz/editlib.php. The vulnerability affects Moodle up to 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allowing remote authenticated users to inject arbitrary script/HTML via a quiz questi...