Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Moodle: moodle: improper input sanitization in tex filter administration setting
Vulnerability Description
A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator could result in unintended system command execution. While exploitation requires administrative privileges, successful compromise could affect the entire Moodle server.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Moodle 安全漏洞
Vulnerability Description
Moodle是Moodle开源的一套免费的电子学习软件平台,也称课程管理系统、学习管理系统或虚拟学习环境。 Moodle存在安全漏洞,该漏洞源于TeX过滤器管理设置对配置输入清理不足,可能导致命令注入。
CVSS Information
N/A
Vulnerability Type
N/A