Description
In Moodle 2.x and 3.x, SQL injection can occur via user preferences.
Remediation
References
Related Vulnerabilities
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0483)
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-10678)
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31552)
Oracle Database Server CVE-2011-0804 Vulnerability (CVE-2011-0804)
Apache HTTP Server CVE-2004-0786 Vulnerability (CVE-2004-0786)