Description In Moodle 2.x and 3.x, text injection can occur in email headers, potentially leading to outbound spam. Remediation References CVE-2016-5013 Related Vulnerabilities WordPress Plugin Vmax Project Manager Arbitrary File Upload (1.1) Apache Tomcat 7PK - Errors Vulnerability (CVE-2016-8745) Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.12) Jboss EAP Missing Authorization Vulnerability (CVE-2019-10184) WordPress Plugin Contact Form to DB by BestWebSoft-Messages Database For WordPress SQL Injection (1.7.2) Severity Medium Classification CVE-2016-5013 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities