Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-30599)

Description

A flaw was found in moodle where an SQL injection risk was identified in Badges code relating to configuring criteria.

Remediation

References

Related Vulnerabilities

Apache Tomcat CVE-2012-5568 Vulnerability (CVE-2012-5568)

Magento XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2021-21019)

Joomla! Core 4.x.x Multiple Vulnerabilities (4.0.0 - 4.2.3)

Joomla! Core 3.0.x Cross-Site Scripting (3.0.0 - 3.0.3)

LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-44967)

Severity

Critical

Classification

CVE-2022-30599 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities