PT-2017-8649 · Moodle · Moodle

Pierre Guinoiseau

·

Publicado

2017-01-20

·

Atualizado

2022-05-13

·

CVE-2016-5013

CVSS v2.0

5.8

Média

VetorAV:N/AC:M/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions Moodle versions 2.x through 3.x
Description The issue allows text injection in email headers, which could potentially lead to outbound spam.
Recommendations For Moodle versions 2.x through 3.x, update to a version where this issue is fixed to prevent text injection in email headers.

Correção

Special Elements Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-74

Identificadores relacionados

CVE-2016-5013
GHSA-2HH3-JMV8-5FMX

Produtos afetados

Moodle