Description
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.
Remediation
References
Related Vulnerabilities
Apache HTTP Server Insertion of Sensitive Information into Log File Vulnerability (CVE-2001-1556)
WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.37)
WordPress Plugin BuddyPress Information Disclosure (5.1.1)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20281)
WordPress Plugin School Management System-WPSchoolPress Multiple Vulnerabilities (2.1.9)