Gose

**Name of the Vulnerable Software and Affected Versions** Moodle versions 1.9.x through 1.9.10 Moodle versions 2.0.x through 2.0.1 **Description** A cross-site scripting (XSS) issue exists in the tag autocomplete functionality, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For Moodle versions 1.9.x through 1.9.10, update to version 1.9.11 or later. For Moodle versions 2.0.x through 2.0.1, update to version 2.0.2 or later.