CVE-2010-2229
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters.
Date published : 2010-06-28
http://cvs.moodle.org/moodle/blog/lib.php?r1=1.62.2.9&r2=1.62.2.10
http://cvs.moodle.org/moodle/blog/lib.php?r1=1.80.2.20&r2=1.80.2.21