Описание
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/xenial | needs-triage | |
| jammy | DNE | |
| noble | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
Ссылки на источники
8.8 High
CVSS3
Связанные уязвимости
A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.
A flaw was found in Moodle. An attacker with access to the restore int ...
Уязвимость виртуальной обучающей среды Moodle, связанная с неверным управлением генерацией кода, позволяющая нарушителю выполнить произвольный код и скомпрометировать систему
8.8 High
CVSS3