Moodle is susceptible to cross-site scripting (XSS) attacks. The attacks are possible because the idnumber
field used in the administration of cohorts is not properly escaped. The artifact is due to incorrect fix for CVE-2012-2365.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-34045
openwall.com/lists/oss-security/2012/07/17/1
secunia.com/advisories/49890
www.securityfocus.com/bid/54481
exchange.xforce.ibmcloud.com/vulnerabilities/76962
git.moodle.org/gw?p=moodle.git;a=commit;h=136341673574a87585e7374140121aec4ad6810f