Description
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.
Remediation
References
Related Vulnerabilities
Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6212)
Atlassian Jira Deserialization of Untrusted Data Vulnerability (CVE-2020-14172)
WordPress Plugin Companion Auto Update Multiple Vulnerabilities (3.2.0)
Drupal User Interface (UI) Misrepresentation of Critical Information Vulnerability (CVE-2025-13082)
Joomla Improper Input Validation Vulnerability (CVE-2020-11890)