Description
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
Remediation
References
Related Vulnerabilities
FluxBB CVE-2011-3621 Vulnerability (CVE-2011-3621)
WordPress Plugin User Avatar Unspecified Vulnerability (1.4.6)
WebLogic CVE-2018-2933 Vulnerability (CVE-2018-2933)
Drupal Insufficient Verification of Data Authenticity Vulnerability (CVE-2016-9450)
WordPress Plugin Mailing List 'wpabspath' Parameter Remote File Include (1.3.3)