Description
A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data.
Remediation
References
Related Vulnerabilities
WordPress Plugin Content Staging Cross-Site Scripting (2.0.1)
Jenkins Improper Input Validation Vulnerability (CVE-2016-0792)
WordPress Plugin Easy Plugin for AdSense Cross-Site Request Forgery (6.06)
WordPress Plugin Booking Calendar Contact Form Cross-Site Scripting (1.0.24)
WordPress Plugin The Events Calendar:Eventbrite Tickets Cross-Site Scripting (3.9.6)