WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-5013)

Description

In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam.

Remediation

References

Related Vulnerabilities

Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41080)

WordPress Plugin Listing, Classified Ads & Business Directory-uListing Cross-Site Request Forgery (2.0.8)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-46148)

Apache Tomcat Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2021-42340)

Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3546)

Severity

Medium

Classification

CVE-2016-5013 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities