Опубликовано: 23 июн. 2021
Источник: ubuntu
Приоритет: medium
EPSS Средний
CVSS2: 9
CVSS3: 9.1
Описание
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE | |
| impish | DNE |
Показывать по
10
EPSS
Процентиль: 99%
0.69115
Средний
9 Critical
CVSS2
9.1 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.1
nvd
почти 4 года назад
A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
CVSS3: 9.1
github
около 3 лет назад
Moodle command execution vulnerability exists in the default legacy spellchecker plugin
EPSS
Процентиль: 99%
0.69115
Средний
9 Critical
CVSS2
9.1 Critical
CVSS3