Описание
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
8.8 High
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.
A flaw was found in Moodle. An attacker with access to the restore int ...
Уязвимость виртуальной обучающей среды Moodle, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код и скомпрометировать систему
EPSS
8.8 High
CVSS3