Description

A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions.

Remediation

References

CVE-2023-35132

Related Vulnerabilities

SharePoint CVE-2022-21837 Vulnerability (CVE-2022-21837)

WordPress Plugin Responsive Slider-Image Slider-Slideshow for WordPress Multiple Vulnerabilities (2.7.5)

Perl Use of Externally-Controlled Format String Vulnerability (CVE-2012-1151)

Jetty Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2021-28163)

Joomla Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-7989)

Severity

Medium

Classification

CVE-2023-35132 CWE-138 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Tags

Missing Update Known Vulnerabilities