PT-2017-15459 · Moodle · Moodle

Marko Belzetski

Publicado

2017-03-26

Atualizado

2022-05-17

CVE-2017-2641

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Moodle versions 2.x through 3.x

Description The issue allows SQL injection via user preferences.

Recommendations For Moodle versions 2.x through 3.x, update to a version that includes a fix for this issue.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

CVE-2017-2641

GHSA-XHQ3-455R-XV44

Moodle