Security Advisory
CVE-2011-4278
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Cross-site scripting (XSS) vulnerability in the tag autocomplete functionality in Moodle 1.9.x before 1.9.11 and 2.0.x before 2.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.