Description
A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. The size of users' private file uploads via email were not correctly checked, so their quota allowance could be exceeded.
Remediation
References
Related Vulnerabilities
PHP Improper Input Validation Vulnerability (CVE-2014-3480)
WordPress Plugin WP Booking Calendar Multiple Vulnerabilities (3.0.0)
WordPress Plugin Olevmedia Shortcodes Cross-Site Scripting (1.1.8)
phpBB URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2015-3880)
WordPress Plugin Email newsletter Cross-Site Scripting (20.13.6)