Description
A denial-of-service risk was identified in the draft files area, due to it not respecting user file upload limits. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6, 3.8 to 3.8.8, 3.5 to 3.5.17 and earlier unsupported versions are affected.
Remediation
References
Related Vulnerabilities
Apache HTTP Server CVE-2013-5704 Vulnerability (CVE-2013-5704)
Microsoft SQL Server CVE-2023-29349 Vulnerability (CVE-2023-29349)
WordPress Plugin WP-UserOnline URL HTML Injection (2.62)
MySQL CVE-2012-3144 Vulnerability (CVE-2012-3144)
Apache Traffic Server CVE-2023-33933 Vulnerability (CVE-2023-33933)