Moodle · Moodle · CVE-2022-30599
**Name of the Vulnerable Software and Affected Versions**
Moodle (affected versions not specified)
**Description**
A flaw was found in Moodle where an SQL injection risk was identified in Badges code relating to configuring criteria. The vulnerability is related to insufficient sanitization of user input in the badges code, allowing a remote attacker to execute arbitrary SQL code by sending a specially crafted request. This can enable the attacker to execute arbitrary commands in the application's database.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.