A flaw was found in Moodle. The breadcrumb navigation provided by Boost theme when displaying search results of a blog were insufficiently filtered, which could result in reflected XSS if a user followed a malicious link containing JavaScript in the search parameter. References: https://moodle.org/mod/forum/discuss.php?d=376025 Upstream Patch: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-62857
Created moodle tracking bugs for this issue: Affects: epel-all [bug 1629951] Affects: fedora-all [bug 1629950]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.