Description
A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions.
Remediation
References
Related Vulnerabilities
WordPress Plugin NextGEN Gallery-WordPress Gallery 'nggallery-manage-gallery' HTML Injection (0.96)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2020-9547)
WordPress Plugin Widgets for WooCommerce Products on Elementor Security Bypass (1.0.5)