Описание
Moodle vulnerable to SQL Injection
A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-35132
- https://bugzilla.redhat.com/show_bug.cgi?id=2214371
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7A72KX4WU6GK2CX4TKYFGFASPKOEOJFC
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I5QAEAGJ44NVXLAJFJXKARKC45OGEDXT
- https://moodle.org/mod/forum/discuss.php?d=447830
- http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77193
Пакеты
moodle/moodle
= 4.2.0
4.2.1
moodle/moodle
>= 4.1.0, < 4.1.4
4.1.4
moodle/moodle
>= 4.0.0, < 4.0.9
4.0.9
moodle/moodle
>= 3.10.0, < 3.11.15
3.11.15
moodle/moodle
< 3.9.22
3.9.22
Связанные уязвимости
A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.
A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.
A limited SQL injection risk was identified on the Mnet SSO access con ...
