CVE-2014-3551
CVE-2014-3551 Multiple cross-site scripting (XSS) vulnerabilities in the advanced-grading implementation in Moodle through 2311, 24x before 2411, 25x before 257, 26x before 264, and 27x before 271 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) qualification or (2) rating field in a rubric Grade field vulnerable /mo