Description

A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.

Remediation

References

CVE-2019-10134

Related Vulnerabilities

WordPress Plugin WHIZZ Cross-Site Request Forgery (1.1)

WordPress Plugin Gallery-Flagallery Photo Portfolio Multiple Vulnerabilities (2.00)

WordPress Plugin Mingle Forum 'edit_post_id' Parameter SQL Injection (1.0.31)

Rukovoditel Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-20166)

MyBB Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-43708)

Severity

Low

Classification

CVE-2019-10134 CWE-20 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities