Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A flaw was found in Moodle versions 3.8 before 3.8.3, 3.7 before 3.7.6, 3.6 before 3.6.10, 3.5 before 3.5.12 and earlier unsupported versions. It was possible to create a SCORM package in such a way that when added to a course, it could be interacted with via web services in order to achieve remote code execution.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Moodle 输入验证错误漏洞
Vulnerability Description
Moodle是一套免费、开源的电子学习软件平台,也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle中存在输入验证错误漏洞。攻击者可借助特制的SCORM数据包利用该漏洞远程执行代码。以下产品及版本受到影响:Moodle 3.8版本至3.8.2版本,3.7版本至3.7.5版本,3.6版本至3.6.9版本,3.5版本至3.5.11版本及不再支持的老版本。
CVSS Information
N/A
Vulnerability Type
N/A