Moodle suffers from persistent cross site scripting vulnerabilities. Input passed to the POST parameters 'config_title' and 'title' thru index.php, are not properly sanitized allowing the attacker to execute HTML or JS code into user's browser session on the affected site. Affected components: Blocks, Glossary, RSS and Tags.
3a879d762267aeaca9fc89ee912f160275d978f39e1f6f838032b7e55569749c