Описание
Moodle affected by a code injection vulnerability
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.
Пакеты
moodle/moodle
>= 5.1.0-beta, < 5.1.1
5.1.1
moodle/moodle
>= 5.0.0-beta, < 5.0.4
5.0.4
moodle/moodle
>= 4.5.0-beta, < 4.5.8
4.5.8
moodle/moodle
>= 4.2.0-beta, < 4.4.12
4.4.12
moodle/moodle
< 4.1.22
4.1.22
Связанные уязвимости
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.
A flaw was found in Moodle. An attacker with access to the restore int ...
Уязвимость виртуальной обучающей среды Moodle, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код и скомпрометировать систему