PT-2024-5807

Published 2024-08-27 · Updated 2025-07-02 · CVE-2024-43425

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Moodle versions prior to 4.4.2
Moodle versions prior to 4.3.6
Moodle versions prior to 4.2.9
Moodle versions prior to 4.1.12
Description
A flaw was found in Moodle that allows remote code execution due to incomplete sanitization in the calculated question types feature. Exploitation requires the capability to add or update questions. An attacker holding that capability can execute arbitrary code, potentially disclosing students' confidential information or disrupting the learning process. An estimated 238,205 exposed Moodle instances have been detected, and the issue has been exploited in the wild.
Recommendations
For versions prior to 4.4.2, update to version 4.4.2 or later.
For versions prior to 4.3.6, update to version 4.3.6 or later.
For versions prior to 4.2.9, update to version 4.2.9 or later.
For versions prior to 4.1.12, update to version 4.1.12 or later.
As a temporary workaround, consider restricting access to the calculated questions feature (the capability to add or update questions) until the patch is applied.

Exploit · Fix · RCE · Code Injection

Weakness Enumeration

Related Identifiers

ALT-PU-2024-16385
ALT-PU-2024-16417
BDU:2024-06552
BIT-MOODLE-2024-43425
CVE-2024-43425
GHSA-V6F4-V8H8-3C87

Affected Products

Alt Linux
Moodle
Red Os