Any idea anybody?
I'm back today with this question, that I should phrase as follow: how to prevent teachers from performing cross scripting in Moodle? Not that teachers would do that, but let's say that one of them, who has a very weak password, gets hijacked by a student. Then this student can hijack the whole site using XSS.