| Description: | Standard survey module is vulnerable to XSS attack by students who fill the survey |
| Issue summary: | Student XSS in survey |
| Severity/Risk: | Minor |
| Versions affected: | 2.9 to 2.9.2, 2.8 to 2.8.8, 2.7 to 2.7.10 and earlier unsupported versions |
| Versions fixed: | 2.9.3, 2.8.9 and 2.7.11 |
| Reported by: | Hugh Davenport |
| Issue no.: | MDL-49940 |
| CVE identifier: | CVE-2015-5336 |
| Changes (master): | http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-49940 |