Rik Gouw

**Name of the Vulnerable Software and Affected Versions** Moodle versions prior to 3.10.1 Moodle versions prior to 3.9.4 Moodle versions prior to 3.8.7 Moodle versions prior to 3.5.16 **Description** The issue is related to a lack of character limit when sending messages in Moodle, which could result in a client-side denial of service for users receiving very large messages. This could be exploited by a remote attacker to cause a denial of service. **Recommendations** For versions prior to 3.10.1, update to version 3.10.1 or later. For versions prior to 3.9.4, update to version 3.9.4 or later. For versions prior to 3.8.7, update to version 3.8.7 or later. For versions prior to 3.5.16, update to version 3.5.16 or later.