PT-2017-8649 · Moodle · Moodle
Pierre Guinoiseau
·
Published
2017-01-20
·
Updated
2022-05-13
·
CVE-2016-5013
CVSS v2.0
5.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Moodle versions 2.x through 3.x
Description
The issue allows text injection in email headers, which could potentially lead to outbound spam.
Recommendations
For Moodle versions 2.x through 3.x, update to a version where this issue is fixed to prevent text injection in email headers.
Fix
Special Elements Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Moodle