Description
The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).
Remediation
References
Related Vulnerabilities
MySQL CVE-2019-2581 Vulnerability (CVE-2019-2581)
WordPress Plugin iFrame Admin Pages 'url' Parameter Cross-Site Scripting (0.1)
Joomla! Core 1.5.x Security Bypass (1.5.0 - 1.5.24)
OpenSSL Other Vulnerability (CVE-2015-0289)
WordPress Plugin WP Poll Maker-Best WordPress Poll for Voting Contest Arbitrary File Upload (3.4)